Hijacked Browser & Other Issues


  • This topic is locked
14 replies to this topic

#1 cappri


Posted 10 June 2007 - 10:51 PM

For the past few weeks my web browsers (Mozilla & IE, latest versions) have lost certain functionalities.

Whenever I receive e-mails or try to visit sites like J. Crew and Anthropologie, my browser either fails to display the images on the page or the entire page itself. Instead, it automatically redirects to other pages, some URLs being:

thumbdom.net
hotproductz.com
freeloadmp3.com
ThisPageIsNotAvailable.com
Eromans.com
SheMaleShow.net

etc.

Also, my browser/computer can no longer play .wmv videos from the internet.

Finally, though I'm not sure if this arises from a mal/spyware problem, I've noticed that my System Restore never successfully completes whenever I try to restore it to an earlier checkpoint. It always says that it cannot restore to its previous configuration. Is this a Windows difficulty, and could this somehow be linked to a virus/malware?

Norton has detected a low/medium risk threat
Ewido/AVG has detected a high risk threat: Trojan.DNSChanger.ih

I followed the instructions in the FAQ. I ran Ad-Aware, Spybot, Ewido, HijackThis, and plan to run one or two more of the recommended online scanners while I wait for a reply.

Here are my Ewido and HijackThis logs:

**This is actually a cut-down log, because the original (which I can send if needed) was about 20mb and 10 million characters (2000+ pages in Word) and had a lot of redundant lines...w/ a digit or 2 between similar lines.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 9:22:52 PM 6/10/2007

+ Scan result:

[232] VM_00DE0000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).
[256] VM_00CC0000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).
[796] VM_00A30000 -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).


::Report end
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:26:42 PM, on 6/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\USBMonit.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Kathleen Li\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe @@@Start
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1153333258947
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{314AD573-BD2E-454D-BAB9-5B9F7378D9E4}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B825E89-8A7C-4CFB-9EC4-D426B3C4B2FE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9F661B3-6040-4EDB-96F5-B292F9C7E214}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF4EDCF0-1E48-4AFA-9BC2-BDC3E8E5F434}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 17156 bytes

Edited by cappri, 10 June 2007 - 11:19 PM.


#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • 23,523 posts

Posted 13 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,093 posts

Posted 18 June 2007 - 10:45 AM

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from this site:
http://downloads.sub.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

When your system reboots, follow the prompts. Afterwards, HijackThis will launch. Please click Scan, and check the following items:

O17 - HKLM\System\CCS\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{314AD573-BD2E-454D-BAB9-5B9F7378D9E4}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B825E89-8A7C-4CFB-9EC4-D426B3C4B2FE}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9F661B3-6040-4EDB-96F5-B292F9C7E214}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF4EDCF0-1E48-4AFA-9BC2-BDC3E8E5F434}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122


Click Fix Checked. Close HijackThis, and click OK to proceed.

At the end of the fix, you need to restart your computer again.

Note:

If you have problems with your internet connection after this fix, try this.
Please go to Start -> Control Panel, and choose Network Connections. Then right click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and left click on properties. Double-click on the Internet Protocol (TCP/IP) item and select the radio button that says Obtain DNS servers automatically. Click OK twice, and restart your computer.


If the O17 remains or you still have difficulties in getting to a site, flush the DNS.
Go to Start > Run, type cmd and hit OK.
Type:
ipconfig /flushdns <-- (The space between g and / is needed)

Then hit Enter, type Exit, and hit Enter.

Finally, please post the contents of the logfile C:\fixwareout\report.txt, along with a new HijackThis log.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760
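The O17 check from the post above, as an added example that is not part of the thread or of HijackThis: a small Python parser that pulls every `NameServer` value out of a HijackThis log, rejoins entries whose `{GUID}` was wrapped across two lines, and groups registry keys by any resolver that is not in the set you expect. The `expected` allowlist, the `192.168.1.1` entry and its GUID are constructed assumptions; the other sample lines follow the entries quoted in this thread.

```python
import ipaddress
import re

# Constructed sample in the shape of the log lines in this thread. One entry has
# its interface GUID wrapped onto a second line; the 192.168.1.1 entry is invented.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F24F002-6749-4FCB-A2ED-5D9E92394F3F}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF4EDCF0-1E48-4AFA-9BC2-BDC3E8
E5F434}: NameServer = 85.255.115.35,85.255.112.122
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.35 85.255.112.122
O17 - HKLM\System\CCS\Services\Tcpip\..\{11111111-2222-3333-4444-555555555555}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
""".strip()

# A HijackThis entry starts with a section code such as "R0 - " or "O17 - ".
ENTRY_START = re.compile(r"^(?:R\d|F\d|N\d|O\d{1,2}) - ")
O17_NAMESERVER = re.compile(r"^O17 - (?P<key>HKLM\\.+?): NameServer = (?P<servers>.+)$")


def unwrap(log):
    """Rejoin entries that were line-wrapped in the middle of a {GUID}."""
    joined = []
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        prev = joined[-1] if joined else ""
        # A continuation is a line that does not start a new entry and follows
        # a line with an unclosed brace.
        if joined and not ENTRY_START.match(line) and prev.count("{") > prev.count("}"):
            joined[-1] = prev + line
        else:
            joined.append(line)
    return joined


def parse_o17(log):
    """Return [(registry_key, [resolver, ...]), ...] for each O17 NameServer entry."""
    entries = []
    for line in unwrap(log):
        m = O17_NAMESERVER.match(line)
        if not m:
            continue
        servers = []
        # The value is comma-separated on interface keys and space-separated
        # on the Parameters key in the logs above; accept both.
        for token in re.split(r"[,\s]+", m.group("servers").strip()):
            if not token:
                continue
            try:
                servers.append(str(ipaddress.ip_address(token)))
            except ValueError:
                servers.append(token)  # keep malformed values visible for review
        entries.append((m.group("key"), servers))
    return entries


def unexpected_resolvers(log, expected):
    """Map each resolver not in `expected` to the registry keys that carry it."""
    allowed = {str(ipaddress.ip_address(ip)) for ip in expected}
    findings = {}
    for key, servers in parse_o17(log):
        for server in servers:
            if server not in allowed:
                findings.setdefault(server, []).append(key)
    return findings


def scope(keys):
    """Split keys into global Tcpip\\Parameters values and per-interface {GUID} values."""
    global_keys = [k for k in keys if k.endswith(r"\Parameters")]
    interface_keys = [k for k in keys if k.endswith("}")]
    return global_keys, interface_keys


if __name__ == "__main__":
    # Assumption: 192.168.1.1 is the resolver this machine is supposed to use.
    for server, keys in sorted(unexpected_resolvers(SAMPLE_LOG, {"192.168.1.1"}).items()):
        global_keys, interface_keys = scope(keys)
        print(f"{server}: {len(global_keys)} global key(s), "
              f"{len(interface_keys)} interface key(s)")
        for key in keys:
            print(f"    {key}")
```

Running the same function over the log taken after the fix should return an empty result; any resolver still listed points to an entry that was not cleared.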

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,093 posts

Posted 29 June 2007 - 08:02 AM

Due to the lack of feedback this Topic is closed.

[Reopened]

Everyone else please begin a New Topic.
nasdaq


#5 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • 25,317 posts

Posted 14 August 2007 - 01:26 AM

Reopened at request of topic owner.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,093 posts

Posted 14 August 2007 - 07:41 AM

cappri

I'm listening. Submit a fresh HijackThis log and let me know what problem remains.

Before you do submit your log, update HijackThis.

Please do the following to download and install the latest version of HijackThis v2.0.2:

CLICK HERE to download the HijackThis Installer:
  • Save HJTInstall.exe to your desktop.
  • Double-click on HJTInstall.exe to run the program.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Accept the license agreement by clicking the "I Accept" button.
  • Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
  • Click "Save log" to save the log file and then the log will open in Notepad.
  • Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
  • Come back here to this thread and paste the log in your next reply.
  • Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
Delete the older version once you have successfully downloaded and installed the latest version.
nasdaq


#7 cappri

cappri

    Member

  • Full Member
  • Pip
  • 16 posts

Posted 15 August 2007 - 10:03 PM

Hello,

Thank you so much for your rapid response!

I stumbled upon my thread while I was searching for solutions to my old problem.
Whenever I ran AVG 7.5 (Ewido), a Trojan.DNSChanger.ih would always show up, no matter how many scans I ran. I googled it and through some other solutions I cleaned the registry NameServer and Dhcp entries. I also ran the Fixit.exe that you provided, as well as HJT as you requested.

Though I can now view sites that were once hijacked (i.e. Jcrew.com, anthropologie.com), I'm still not sure that my computer is virus free.
Also, I'm still having problems viewing .wmv files from the web.
My computer also has trouble ending some processes, even when I specifically go into the task manager and try to shut them down there. When these processes hang, my computer takes a very long time to shut down.

»»»»»Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdety.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.35 85.255.112.122" <Value cleared.


»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....
»»»»» Other
C:\WINDOWS\Temp\kdety.ren 63454 08/04/2004

»»»»» Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"SonyPowerCfg"="C:\\Program Files\\Sony\\VAIO Power Management\\SPMgr.exe"
"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe"
"ISBMgr.exe"="C:\\Program Files\\Sony\\ISB Utility\\ISBMgr.exe"
"VAIO Update 2"="\"C:\\Program Files\\Sony\\VAIO Update 2\\VAIOUpdt.exe\" /Stationary"
"AppMon Utility"="C:\\Program Files\\Sony\\AppMonUtil\\AppMonUtility.exe @@@Start"
"Switcher.exe"="C:\\Program Files\\Sony\\Wireless Switch Setting Utility\\Switcher.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"VAIOCameraUtility"="\"C:\\Program Files\\Sony\\VAIO Camera Utility\\VCUServe.exe\""
"VAIO Recovery"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\PartSeal.exe"
"DeadAIM"="rundll32.exe \"C:\\PROGRA~1\\AIM\\\\DeadAIM.ocm\",ExportedCheckODLs"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"PartSeal"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\PartSeal.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"Gene USB Monitor"="C:\\WINDOWS\\system32\\USBMonit.exe"
"Symantec PIF AlertEng"="\"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" /a /m \"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\AlertEng.dll\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"googletalk"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»




Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:34:06 PM, on 8/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\USBMonit.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Kathleen Li\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe @@@Start
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1153333258947
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 16020 bytes


Thank you!!!

Edited by cappri, 15 August 2007 - 10:05 PM.


#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,093 posts

Posted 16 August 2007 - 07:49 AM

Hi,

Nothing suspicious was found on your log. I can only suggest that you get the latest Java version.

Updating Java
  • Download the latest version of Java Runtime Environment (JRE) 6u2.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    • Java 2 Runtime Environment, SE v1.4.2
    • J2SE Runtime Environment 5.0
    • J2SE Runtime Environment 5.0 Update 6
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version. <- important.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u2-windows-i586-p.exe to install the newest version.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 cappri

Posted 17 August 2007 - 04:14 PM

Hi, thank you for your response.

Thank you for the suggestion to upgrade Java. I would, except my college has asked us not to quite yet because their systems have yet to be upgraded to be compatible with Java 6.

It's also great to hear that my HJT log didn't show any problems, but when I ran AVG 7.5 last night, it still produced the Trojan.DNSChanger.ih virus. Does that mean that something is still left on my computer? Since when I fixed those registry entries, I went in manually and simply deleted those values from the registry fields.

I'm posting the log here. Actually, it's an extremely abbreviated version, because my AVG log keeps on showing hundreds of Tracking Cookie results that are a digit or two off. Does this indicate a problem, at all?


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:25:42 PM 8/17/2007

+ Scan result:



:mozilla.105:C:\RECYCLER\NPROTECT058556.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT057934.MOZ -> TrackingCookie.Addynamix : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT057851.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT057995.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT056105.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT056295.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT056321.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT056325.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT056105.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT056321.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT056325.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.12:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.12:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.12:C:\RECYCLER\NPROTECT055838.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.12:C:\RECYCLER\NPROTECT055859.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT056781.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT056826.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT056834.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT058432.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.11:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.106:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058516.MOZ -> TrackingCookie.Burstnet : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058519.MOZ -> TrackingCookie.Burstnet : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058478.MOZ -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.13:C:\RECYCLER\NPROTECT058532.MOZ -> TrackingCookie.Cnn : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT056614.MOZ -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT056632.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.12:C:\RECYCLER\NPROTECT058580.MOZ -> TrackingCookie.Esomniture : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058556.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT058430.MOZ -> TrackingCookie.Liveperson : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058430.MOZ -> TrackingCookie.Overture : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT056445.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055745.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.28:C:\RECYCLER\NPROTECT055833.MOZ -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.100:C:\RECYCLER\NPROTECT058532.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT057957.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.41:C:\RECYCLER\NPROTECT056053.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT056094.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT056097.MOZ -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.43:C:\RECYCLER\NPROTECT056975.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT056991.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058580.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058546.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Specificclick : Cleaned.
:mozilla.109:C:\RECYCLER\NPROTECT058525.MOZ -> TrackingCookie.Statcounter : Cleaned.
:mozilla.10:C:\RECYCLER\NPROTECT058703.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT057995.MOZ -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT058478.MOZ -> TrackingCookie.Valueclick : Cleaned.
:mozilla.100:C:\RECYCLER\NPROTECT058701.MOZ -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.41:C:\RECYCLER\NPROTECT055712.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT055719.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT055738.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT055741.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.41:C:\RECYCLER\NPROTECT055743.MOZ -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.100:C:\RECYCLER\NPROTECT057934.MOZ -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{084D6A12-E789-4DC9-9269-43F141BC0A1F}\RP350\A0064372.exe -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\kdety.ren -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).


Thanks very much!

Edited by cappri, 17 August 2007 - 04:34 PM.
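The report above buries two Trojan.DNSChanger.ih hits under a long run of tracking-cookie lines. As an added example (not part of the thread and not an AVG tool), this Python script separates the two; the sample lines are constructed in the report's `object -> detection : status` layout, and the function and field names are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the "object -> detection : status" layout of the
# AVG Anti-Spyware report above (paths are made up for the example).
SAMPLE_REPORT = r"""
+ Scan result:
:mozilla.10:C:\RECYCLER\NPROTECT\00000001.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.11:C:\RECYCLER\NPROTECT\00000001.MOZ -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.10:C:\RECYCLER\NPROTECT\00000002.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT\00000003.MOZ -> TrackingCookie.Paypal : Error during cleaning.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.exe -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\example.ren -> Trojan.DNSChanger.ih : Cleaned with backup (quarantined).
"""

LINE_RE = re.compile(r"^(?P<obj>.+) -> (?P<det>\S+) : (?P<status>.+?)\.?$")
RESTORE_MARKER = "\\system volume information\\_restore"

def triage(report):
    """Split a report into cookie noise (counted) and real findings (listed)."""
    cookies, cookie_errors, findings, skipped = Counter(), 0, [], 0
    for raw in report.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            skipped += bool(line)      # headers, separators, anything unparsed
            continue
        category, _, name = m["det"].partition(".")
        failed = "error" in m["status"].lower()
        if category == "TrackingCookie":
            cookies[name] += 1
            cookie_errors += failed
        else:
            findings.append({
                "path": m["obj"],
                "detection": m["det"],
                "status": m["status"],
                "failed": failed,
                # A hit inside a System Restore point can be reintroduced
                # if that restore point is later restored.
                "in_restore_point": RESTORE_MARKER in m["obj"].lower(),
            })
    return {"cookies": cookies, "cookie_errors": cookie_errors,
            "findings": findings, "skipped": skipped}

if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for f in result["findings"]:
        where = " [restore point]" if f["in_restore_point"] else ""
        print(f"{f['detection']}: {f['path']}{where} -> {f['status']}")
    print(f"{sum(result['cookies'].values())} tracking-cookie entries in "
          f"{len(result['cookies'])} families, {result['cookie_errors']} not cleaned")
```
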


#10 nasdaq

Posted 18 August 2007 - 08:05 AM

Clean your Domains settings.

Download: DelDomains.inf
http://mvps.org/winh.../DelDomains.inf
Right-click on the deldomains.inf file and select 'Install'.

Let me know if the problem persists.

p.s.
Your Java version is prone to the Vundo infections. Tell the I.T. department.
nasdaq


#11 cappri

Posted 20 August 2007 - 09:44 PM

Thank you for your reply and the advice about Java and clearing my domains.

I did as you said I should, and I am no longer getting the various IE popups that used to appear.

However, my AVG 7.5 and Spybot S&D are still picking up many tracking cookies. AVG 7.5 frequently picks up 3,000+ of them. I know Tracking Cookies are not as direly threatening as many other issues, but is there any way to clean them out?

Thank you again!

#12 nasdaq

Posted 21 August 2007 - 07:48 AM

This is a handy tool.

Download ATF Cleaner by Atribune from here http://www.atribune....tent/view/25/1/ and save it to your Desktop.
Follow the instructions for the browser you use.

Read the instructions about the cookies. Delete what you do not need.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
*Prefetch (Windows XP) only.
Java Cache


The rest are optional - if you want to remove the lot, check "Select All".
Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.

If you use the Firefox or Opera browsers, you can use this program as a quick way to tidy those up as well.

When you have finished, click on the Exit button in the Main menu.

For Technical Support, double-click the e-mail address located at the bottom of each menu.

* The purpose of the Prefetch folder is to increase the speed at which you can access the programs that you use on your PC. Unfortunately, Windows doesn't differentiate between a program you use every day and one you use every blue moon, which means that it may be prefetching a lot of stuff that you rarely use, adding to your startup time.
You may find that the first time you boot up after cleaning out this folder, your PC takes longer to get into gear - the second, and subsequent, boots should be quicker.
nasdaq


#13 cappri

Posted 26 August 2007 - 09:18 PM

Hi,

So I used the ATF Cleaner, but it seems more like a temporary cleaner than a permanent remover of the Tracking Cookies. When I run the cleaner, it definitely decreases the number of Tracking Cookies that show up, but when I use my browser again, more Tracking Cookie traces are found.

Is there a way to permanently remove the Tracking Cookie traces? Or is the presence of Tracking Cookies when I run AVG 7.5 not a big problem?

Thank you,

#14 nasdaq

Posted 27 August 2007 - 07:11 AM

Tracking cookies are not a problem.

I use this hosts file to limit them.

http://www.mvps.org/...p2002/hosts.htm

Replace the one in this folder.
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\
nasdaq


#15 nasdaq

Posted 08 September 2007 - 09:04 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




