• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
afhopie44

Dr Watson Postmortem debugger

14 posts in this topic

Does anyone know what the heck this thing is?? Whenever I try to go to my documents, then go to my pictures and click on a picture.. I get an error message that says, "Dr Watson Postmorten Debugger has encountered an error and needs to close." And then I can send error report. But my computer freezes up and I have to restart it every time this happens. It used to happen to my computer a long time ago but then it stopped. Well now its back and its driving me crazy!!

 

My computer also just randomly freezes sometimes. And I have to restart it. It happens more often whenever I have a bunch of tabs/websites open at one time.

 

I did a scan using AVG and it said no threats were found.

 

 

 

I use mozilla firefox with popup blocker. I rarely use Internet explorer, only if a program requires that I use IE.

 

I have antivirus software:

AVG

Adaware

Spybot search & destroy

 

 

Can someone help me figure out whats going on?

 

Ewido Report:

__________________________________________________

ewido anti-spyware online scanner

http://www.ewido.net

__________________________________________________

 

 

Name: TrackingCookie.Revsci

Path: C:\Documents and Settings\Owner\Cookies\owner@revsci[1].txt

Risk: Medium

 

Name: TrackingCookie.Netflame

Path: :mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Netflame

Path: :mozilla.9:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: :mozilla.12:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: :mozilla.29:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: :mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: :mozilla.32:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.61:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.62:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: :mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: :mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.91:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.92:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Trafficmp

Path: :mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.100:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.101:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.121:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: :mozilla.126:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: :mozilla.127:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: :mozilla.128:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.155:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.156:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.157:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.158:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.159:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.160:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.161:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.162:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.163:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Realmedia

Path: :mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.237:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.238:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.242:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.243:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.244:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.245:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.246:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.247:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.248:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.249:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: :mozilla.261:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: :mozilla.262:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: :mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: :mozilla.264:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.304:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.305:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.306:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.307:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.309:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.310:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.311:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.312:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.313:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.314:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Pointroll

Path: :mozilla.315:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.316:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.317:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.331:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.332:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.333:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.334:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.335:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: :mozilla.336:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.342:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.343:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.344:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.345:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.346:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.347:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.348:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.349:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.350:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.351:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Casalemedia

Path: :mozilla.352:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.353:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.359:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.360:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.361:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.362:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.363:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: :mozilla.364:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.380:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.381:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.382:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.383:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.384:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.385:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.391:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.393:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.394:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.395:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.396:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Revsci

Path: :mozilla.397:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tacoda

Path: :mozilla.401:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tacoda

Path: :mozilla.402:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tacoda

Path: :mozilla.403:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tacoda

Path: :mozilla.404:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tacoda

Path: :mozilla.405:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.406:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: :mozilla.459:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: :mozilla.460:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: :mozilla.461:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: :mozilla.462:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.473:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.474:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.475:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.476:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.477:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.478:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.479:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.483:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.484:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.485:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.486:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.487:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.488:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.489:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.490:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.491:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.492:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.493:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.494:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.495:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.496:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.497:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.498:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.499:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.500:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.501:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.502:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.503:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.504:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.505:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.506:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.507:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.508:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.509:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.510:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.511:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.512:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.513:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.514:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.515:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.516:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.517:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: :mozilla.527:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: :mozilla.528:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: :mozilla.529:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: :mozilla.530:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Paypal

Path: :mozilla.547:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Coremetrics

Path: :mozilla.610:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Coremetrics

Path: :mozilla.611:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.625:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.626:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.627:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.628:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.629:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.630:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.631:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.632:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.633:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.634:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.635:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Specificclick

Path: :mozilla.636:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.647:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Esomniture

Path: :mozilla.652:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.653:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.654:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.655:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.656:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.657:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.658:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.659:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.660:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.661:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.662:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.663:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Aavalue

Path: :mozilla.664:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: :mozilla.758:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.775:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.782:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.783:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.784:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.785:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstbeacon

Path: :mozilla.842:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Com

Path: :mozilla.849:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cookies.txt

Risk: Medium

 

 

 

Hijack This LOG:

Logfile of HijackThis v1.99.1

Scan saved at 12:22:14 PM, on 7/7/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Owner\Desktop\ewido_micro(2).exe

C:\PROGRA~1\Grisoft\AVG7\avgwb.dat

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe -m

O4 - HKCU\..\Run: [win01] C:\DOCUME~1\Owner\APPLIC~1\GRAMSE~1\Meta Eq Cake.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: MySurvey Messenger.lnk = C:\Program Files\MySurvey Messenger\MySurveyMessenger.exe

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1173150955453

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

 

EDIT:

On July 11, .. I got an error message when I went into my pictures.

This is a screen cap of the message

 

http://img264.imageshack.us/img264/1080/erroruk8.jpg

 

I Just ran my ad aware, and avg programs yesterday to check for viruses/spyware and nothing came up.

Edited by afhopie44

Share this post


Link to post
Share on other sites

Sorry forgot to add that I am using a Dell computer, with Windows XP operating system.

 

Kapersky scan log:

KASPERSKY ONLINE SCANNER REPORT

Saturday, July 07, 2007 6:51:59 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.93.0

Kaspersky Anti-Virus database last update: 7/07/2007

Kaspersky Anti-Virus database records: 359481

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

Scan Target My Computer

A:\

C:\

D:\

E:\

Scan Statistics

Total number of scanned objects 53700

Number of viruses found 0

Number of infected objects 0

Number of suspicious objects 0

Duration of the scan process 01:35:49

 

Infected Object Name Virus Name Last Action

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-03052007-191309.log Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\cert8.db Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\formhistory.dat Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\history.dat Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\key3.db Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\parent.lock Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\search.sqlite Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\urlclassifier2.sqlite Object is locked skipped

C:\Documents and Settings\Owner\Application Data\Webroot\Spy Sweeper\Logs\SpySweeperLog.txt Object is locked skipped

C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{BB1C0069-9CB1-4FF8-98AC-6D03844408D0} Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\1gm94aje.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007070720070708\index.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temp\WCESLog.log Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Common Files\Mobipocket Shared\error_log.txt Object is locked skipped

C:\Program Files\Common Files\Skyscape\smARTupdate.log Object is locked skipped

C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me Object is locked skipped

C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{52C4FFCD-C0ED-448E-A3AD-7DCA578FBF73}\RP200\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped

C:\WINDOWS\system32\config\OSession.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

 

 

 

 

 

Bit Defender Scan log:

BitDefender Online Scanner

 

 

 

 

 

 

 

Scan report generated at: Sat, Jul 07, 2007 - 15:48:51

 

 

 

 

 

 

 

 

 

Scan path: A:\;C:\;D:\;E:\;

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Statistics

 

Time

 

 

01:23:58

 

Files

 

 

199960

 

Folders

 

 

5825

 

Boot Sectors

 

 

2

 

Archives

 

 

1996

 

Packed Files

 

 

8799

 

 

 

 

 

 

 

Results

 

Identified Viruses

 

 

0

 

Infected Files

 

 

0

 

Suspect Files

 

 

0

 

Warnings

 

 

0

 

Disinfected

 

 

0

 

Deleted Files

 

 

0

 

 

 

 

 

 

 

Engines Info

 

Virus Definitions

 

 

637601

 

Engine build

 

 

AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

 

Scan plugins

 

 

14

 

Archive plugins

 

 

38

 

Unpack plugins

 

 

6

 

E-mail plugins

 

 

6

 

System plugins

 

 

1

 

 

 

 

 

 

 

Scan Settings

 

First Action

 

 

Disinfect

 

Second Action

 

 

Delete

 

Heuristics

 

 

Yes

 

Enable Warnings

 

 

Yes

 

Scanned Extensions

 

 

*;

 

Exclude Extensions

 

 

 

 

Scan Emails

 

 

Yes

 

Scan Archives

 

 

Yes

 

Scan Packed

 

 

Yes

 

Scan Files

 

 

Yes

 

Scan Boot

 

 

Yes

 

 

 

 

 

 

 

 

Scanned File

 

 

Status

 

No virus found.

Edited by afhopie44

Share this post


Link to post
Share on other sites

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

[this is an automated reply]

Share this post


Link to post
Share on other sites

Hello,

 

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

 

Please change the location of HijackThis.exe.

Create a new folder in your C: Drive

Name it C:\HJT or HijackThis and move the HijackThis.exe file in it.

It's best for this tool NOT TO be located in your Desktop or in a TEMP folder.

This way you can undo any changes if something goes wrong and will prevent the tool placing shortcuts on your Desktop.

 

=*=

 

Find out if you have Netpumper or Bitgrabber or BitRoll installed? If so, uninstall them via start > Settings> Control Panel > add/remove programs. This because they are bundled with the malware you are dealing with (swizzor aka lop).

Also look if next are present in software > add/remove programs and uninstall them:

 

CiD Help / CiD Manager

Download Plugin for Internet Explorer

Zone Media

 

In case, during uninstall, when asked for the uninstall Verification, please enter the numbers that will appear in the window

 

Then reboot. Important!

 

=*=

 

Disable SpySweeper:

You have SpySweeper installed. While this is a great program, we need to temporarily disable (not uninstall) the program because it might stop our fix.

 

If you have Spy Sweeper version 4:

  • Open SpySweeper, Click Options over on the left, then Program options
  • Uncheck load at windows startup.
  • Over to the left, Click shields and Uncheck all there.
  • Uncheck home page shield.
  • Uncheck automatically restore default without notification .
  • Close SpySweeper.
  • Reboot your machine for the changes to take effect before running HJT.

 

If you have SpySweeper version 5:

 

To disable SpySweeper Shields

  • Open SpySweeper, Click Shield Settings on the right
     
    (or Shields on the left, depending what screen you're on).
  • Click Internet Explorer and uncheck all items.
  • Click Windows System and uncheck all items.
  • Click Hosts File and uncheck all items.
  • Click Startup Programs and uncheck all items.
  • Close SpySweeper.
  • Reboot you computer, and ensure Spy Sweeper is disabled.

After all of the fixes are complete it is very important that you enable SpySweeper again.

 

Disable Microsoft Windows Defender:

We need to disable your Microsoft Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

  • Open Microsoft Windows Defender. Click Start, Programs, Windows Defender
  • Click on Tools, General Settings.
  • Under Real-time protection options, unselect the Turn on real-time protection check box
  • Click Save

After all of the fixes are complete it is very important that you enable Real-time Protection again.

 

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

 

O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

O4 - HKCU\..\Run: [win01] C:\DOCUME~1\Owner\APPLIC~1\GRAMSE~1\Meta Eq Cake.exe

 

Click on Fix Checked when finished and exit HijackThis.

 

Delete these folders in bold if found.

C:\Program Files\NetRatingsNetSight\

C:\DOCUME~1\Owner\APPLIC~1\GRAMSE~1\

 

Restart the compter normally.

 

After reboot enable the security programs.

 

Then,

 

* Download Deljob.exe and save it on your desktop.

Doubleclick Deljob.exe.

 

A log, (logit.txt) should open afterwards. This log will be present on your desktop

Post the contents of the logfile in your next reply together with a new Hijackthis log.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this Topic is closed.

 

[Reopened]

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites

afhopie44 I'm listening.

 

Please post a fresh HijackThis log and let me know what problem persists.

 

Before you do, please do the following to download and install the latest version of HijackThis v2.0.2:

 

CLICK HERE to download the HijackThis Installer:

  1. Save HJTInstall.exe to your desktop.
  2. Double-click on HJTInstall.exe to run the program.
  3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
  4. Accept the license agreement by clicking the "I Accept" button.
  5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
  6. Click "Save log" to save the log file and then the log will open in Notepad.
  7. Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
  8. Come back here to this thread and paste the log in your next reply.
  9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Delete the older version once you have successfully downloaded and installed the latest version.

Share this post


Link to post
Share on other sites

Here is the Hijack this log:

Logfile of HijackThis v1.99.1

Scan saved at 7:50:40 PM, on 8/1/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe -m

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1173150955453

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

 

And also .... Logfile results:

--------------------------------------------------------

File(s) moved to C:\deljob

 

A99216E991998F41.job

--------------------------------------------------------

Files remaining after cleaning

 

AppleSoftwareUpdate.job

MP Scheduled Scan.job

--------------------------------------------------------

App data folders

 

Volume in drive C has no label.

Volume Serial Number is E441-05FA

 

Directory of C:\Documents and Settings\Owner\Application Data

 

07/06/2007 11:26 PM <DIR> .

07/06/2007 11:26 PM <DIR> ..

03/25/2007 10:15 PM <DIR> acccore

04/08/2007 09:51 AM <DIR> Adobe

03/18/2007 02:46 PM <DIR> Ahead

04/03/2007 09:41 PM <DIR> APPLEC~1 Apple Computer

08/01/2007 08:00 AM <DIR> AVG7

07/24/2007 10:38 AM <DIR> Azureus

05/23/2007 10:52 AM <DIR> BITDOW~1 BitDownload

07/30/2007 12:59 PM <DIR> Corel

06/09/2007 03:43 PM <DIR> GRAMSE~1 Gram Send

03/05/2007 03:03 PM <DIR> GTek

03/29/2007 04:01 PM <DIR> Help

03/05/2007 12:21 PM <DIR> IDENTI~1 Identities

03/05/2007 04:03 PM <DIR> Lavasoft

03/06/2007 07:00 PM <DIR> MACROM~1 Macromedia

04/04/2007 10:18 PM <DIR> MEDIAP~1 Media Player Classic

06/09/2007 02:37 PM <DIR> MICROS~1 Microsoft

05/05/2007 02:33 PM <DIR> MOBIPO~1 Mobipocket Reader

04/23/2007 05:00 PM <DIR> MOVENE~1 Move Networks

03/26/2007 07:41 PM <DIR> Mozilla

03/07/2007 10:32 AM <DIR> MSNINS~1 MSNInstaller

03/10/2007 12:16 PM <DIR> Opera

03/14/2007 05:05 PM <DIR> Real

03/06/2007 04:18 PM <DIR> Sun

06/07/2007 07:21 PM <DIR> VIEWPO~1 Viewpoint

03/13/2007 03:17 PM <DIR> Vso

07/06/2007 11:26 PM <DIR> Webroot

06/25/2007 06:40 PM <DIR> WinRAR

0 File(s) 0 bytes

29 Dir(s) 9,626,066,944 bytes free

Volume in drive C has no label.

Volume Serial Number is E441-05FA

 

Directory of C:\Documents and Settings\All Users\Application Data

 

07/07/2007 02:25 PM <DIR> .

07/07/2007 02:25 PM <DIR> ..

06/10/2007 07:20 PM <DIR> Adobe

03/09/2007 10:33 PM <DIR> ADOBES~1 Adobe Systems

03/13/2007 03:13 PM <DIR> Ahead

06/02/2007 08:51 AM <DIR> AOL

06/02/2007 08:50 AM <DIR> AOLDOW~1 AOL Downloads

03/25/2007 10:12 PM <DIR> AOLOCP~1 AOL OCP

03/12/2007 06:09 PM <DIR> APPLEC~1 Apple Computer

06/09/2007 02:56 PM <DIR> avg7

04/06/2007 09:17 AM <DIR> Corel

06/09/2007 02:40 PM <DIR> Grisoft

06/09/2007 03:43 PM <DIR> ISOMOR~1 IsoMorePopPile

07/07/2007 02:25 PM <DIR> KASPER~1 Kaspersky Lab

03/26/2007 04:25 PM <DIR> Kodak

03/22/2007 06:17 PM <DIR> MICROS~1 Microsoft

07/11/2007 03:12 AM <DIR> MICROS~2 Microsoft Help

04/04/2007 06:17 PM <DIR> OFFICE~1 Office Genuine Advantage

03/13/2007 02:37 PM <DIR> Real

03/05/2007 07:40 PM <DIR> SPYBOT~1 Spybot - Search & Destroy

06/02/2007 08:51 AM <DIR> VIEWPO~1 Viewpoint

03/05/2007 03:38 PM <DIR> WINDOW~1 Windows Genuine Advantage

0 File(s) 0 bytes

22 Dir(s) 9,626,066,944 bytes free

--------------------------------------------------------

Share this post


Link to post
Share on other sites

This is the only think I see that needs to be done.

 

Download: Microsoft Task Scheduler Command Line Utility from http://mvps.org/winhelp2002/jt.zip

 

Unzip and copy jt.exe to your C:\Windows folder.

 

Open Notepad, copy and paste the text below and "Save As" KillJobs.bat

In the "Save as type" select: All Files

 

@echo off

jt /sd A99216E991998F41.job

Copy KillJobs.bat to your C:\Windows folder.

Double-click on "KillJobs.bat"

(when prompted, allow the file to run)

If you need help on "How to Make a .Bat File"

See: http://www.nellie2.co.uk/file.htm.

 

Install this new version HijackThis v2.0.2: as requested on my previous post.

 

Submit a fresh HijackThis and let me know if you have any problems.

Share this post


Link to post
Share on other sites

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\notepad.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe -m

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1173150955453

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

 

--

End of file - 8661 bytes

Share this post


Link to post
Share on other sites

Please run HijackThis again submit a fresh HijackThis log for my review.

Share this post


Link to post
Share on other sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 8:28:11 PM, on 8/15/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MI3AA1~1\wcescomm.exe

C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe

C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"

O4 - HKCU\..\Run: [Mobipocket Web Companion] C:\Program Files\Common Files\Mobipocket Shared\webcomp.exe -m

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Skyscape smARTupdate.lnk = C:\Program Files\Common Files\Skyscape\SmartUpdate.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1173150955453

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

 

--

End of file - 8592 bytes

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0