Need help getting rid of Trojans - Duplicate Deleted...


  • This topic is locked
19 replies to this topic

#1 Chrispringle


Posted 22 April 2007 - 11:57 AM

Edit: Duplicate Topic deleted... Please stick to 1 Topic per computer...

Hi, I accidentally downloaded a file that looked safe, but when I ran AVG on it, it came up with 4 Trojans.
Their names are:

Trojan horse Downloader.Small.58.K
Trojan horse Downloader.Small.29.E
Trojan horse Generic3.UUB
Trojan Horse Collected.11.B

I don't know if AVG has fixed the problem. I'm guessing it hasn't, because I keep getting pop-ups, so any help you could give me would be greatly appreciated.

Chris Pringle

Please read our Forum FAQ in order to find out what info we need (HijackThis log) so we can help you.

Edited by Budfred, 24 April 2007 - 10:55 PM.


#2 SWI Support Robot


Posted 25 April 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 Chrispringle


Posted 29 April 2007 - 02:21 PM

OK, this is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 9:33:50 PM, on 4/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Compaq_Owner\My Documents\chris\download\Logs\HijackThis.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\ptuxdvvp.dll",setvm
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\iioxwmlr.dll",realset
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZNfox000
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1154820196015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165070148765
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload....Plugin10USA.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#4 Chrispringle


Posted 29 April 2007 - 02:22 PM

This is my Kaspersky Online Scanner report:


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, April 28, 2007 9:31:44 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 29/04/2007
Kaspersky Anti-Virus database records: 288876
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
K:\

Scan Statistics:
Total number of scanned objects: 144135
Number of viruses found: 3
Number of infected objects: 3
Number of suspicious objects: 0
Duration of the scan process: 03:16:07

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0DC80899.exe Infected: Trojan-Downloader.Win32.Small.dag skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6BFD4CA7.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\73B471FA.exe Infected: Trojan-Dropper.Win32.VB.nn skipped

Scan process completed.

#5 Chrispringle


Posted 29 April 2007 - 02:22 PM

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:54:39 AM 4/29/2007

+ Scan result:



C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP365\A0175686.dll -> Adware.Minibug : No action taken.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP365\A0175805.dll -> Adware.Virtumonde : No action taken.
:mozilla.413:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.443:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.444:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.445:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.446:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.447:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.448:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.449:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.450:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.451:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.452:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.453:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.454:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.455:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.456:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.457:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.458:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.459:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.460:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.461:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.462:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.463:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.494:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.334:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.336:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.338:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.345:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.181:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.182:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.183:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.184:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.185:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.186:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.187:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.24:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.28:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.29:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.31:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.132:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.102:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.199:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.200:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.201:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.202:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.203:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.204:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.205:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.206:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.207:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.208:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.347:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.303:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.228:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.14:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.22:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.23:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.25:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.26:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.27:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.15:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.16:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.17:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.18:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.19:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.20:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.21:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.236:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.222:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.223:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.224:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.248:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.249:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.250:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.259:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.260:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.480:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.492:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ehg-hollywoodmedia.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ehg-kasperskylab.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ehg-pcsecurityshield.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.465:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.466:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.213:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.214:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.219:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Netflame : No action taken.
:mozilla.505:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Paypal : No action taken.
:mozilla.162:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.163:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.164:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.165:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.166:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.167:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.159:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.160:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.161:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.168:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.169:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.170:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.171:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.172:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.173:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.174:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.175:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.176:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.177:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.178:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.179:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.180:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.469:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.470:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.472:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.473:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.474:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.475:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.476:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.478:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.115:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.116:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.117:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.118:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.119:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.120:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.121:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.122:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.123:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.124:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.125:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.126:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.127:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.128:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.129:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.130:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.131:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.348:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.349:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.350:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.351:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.352:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.353:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.354:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.506:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.507:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.508:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.509:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.510:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.511:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.261:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.262:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.263:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.264:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.265:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.266:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.267:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.268:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.269:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.270:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.329:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.33:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.34:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.35:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.36:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.37:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.38:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.39:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.40:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.41:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.42:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.32:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.235:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.57:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.58:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.59:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.60:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.61:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.62:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.63:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.64:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.65:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.299:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.301:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.302:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.304:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.307:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.309:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\u6vpidv5.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


::Report end

#6 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • 265 posts

Posted 30 April 2007 - 05:25 AM

Hello Chrispringle,
We are currently studying your log and will be back to you as soon as possible. Thank you for your patience. :rolleyes:

#7 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • PipPipPipPip
  • 265 posts

Posted 30 April 2007 - 06:49 PM

Hi Chrispringle :)

* Please copy and paste this post into Notepad or print it out. It's a lot easier than trying to remember everything.

* We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.

After all of the fixes are complete it is very important that you enable Real-time Protection again.


* Please download ComboFix by sUBs and save it to your desktop:

NOTE: In the event you already have ComboFix, this is a new version that I need you to download.

Do not run it yet.


* Please download CCleaner and save it to your desktop.
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner, click the Windows [tab]
Select the following:
Posted Image
Next: click Options click the Settings tab
Uncheck: "Only delete files older than 48 hrs.", click Ok
Then click Run Cleaner (bottom right) then Exit

* Double-click ComboFix.exe and follow the prompts.
When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

* Please post the contents of the log from ComboFix + a new log from HijackThis in your next reply.

Mieke. :D

#8 Chrispringle

Chrispringle

    Member

  • Full Member
  • 10 posts

Posted 01 May 2007 - 05:21 PM

ok this is my combo fix report

"Compaq_Owner" - 07-05-01 17:52:48 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Compaq_Owner\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\nsweccsk.dll
C:\WINDOWS\system32\rfmghsvb.dll
C:\WINDOWS\system32\ihhkj.bak1
C:\WINDOWS\system32\ihhkj.bak2
C:\WINDOWS\system32\ihhkj.ini
C:\WINDOWS\system32\jkhhi.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\COMPAQ~1\Desktop\internet.lnk
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\C\Program Files\Common Files\FNTS~1
C:\qoobox\purity\C\WINDOWS\ICROSO~1.NET
C:\qoobox\purity\C\WINDOWS\ICROSO~1.NET\ICROSO~1.NET


((((((((((((((((((((((((((((((( Files Created from 2007-04-01 to 2007-05-01 ))))))))))))))))))))))))))))))))))


2007-05-01 17:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2007-05-01 17:40 <DIR> d-------- C:\Program Files\Yahoo!
2007-05-01 17:40 <DIR> d-------- C:\Program Files\CCleaner
2007-04-30 21:49 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2007-04-30 17:54 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-30 16:44 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-04-30 16:29 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-28 18:00 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-04-28 18:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-04-28 08:30 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-26 12:32 132,660 --a------ C:\WINDOWS\system32\iioxwmlr.dll
2007-04-25 09:54 28,672 --a------ C:\WINDOWS\system32\f3PSSavr.scr
2007-04-25 09:54 <DIR> d-------- C:\Program Files\MyWebSearch
2007-04-25 09:54 <DIR> d-------- C:\Program Files\FunWebProducts
2007-04-23 16:37 <DIR> d-------- C:\WINDOWS\pss
2007-04-21 20:54 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\GetRightToGo
2007-04-21 12:49 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\MailFrontier
2007-04-15 18:00 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\AbiSuite
2007-04-15 17:58 <DIR> d-------- C:\Program Files\AbiSuite2
2007-04-13 19:57 <DIR> d-------- C:\Program Files\BitTorrent_DNA
2007-04-13 19:57 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\DNA


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-01 08:03 -------- d-------- C:\Program Files\world of warcraft
2007-04-30 21:53 -------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\microsoft games
2007-04-30 21:49 -------- d--h----- C:\Program Files\installshield installation information
2007-04-30 16:33 -------- d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\skype
2007-04-27 18:24 -------- d-------- C:\Program Files\zoom
2007-04-27 18:21 -------- d-------- C:\Program Files\bfg
2007-04-25 10:52 -------- d-------- C:\Program Files\msn messenger
2007-04-23 16:37 3649 --a------ C:\WINDOWS\viassary-hp.reg
2007-04-20 07:53 17722 --a------ C:\DOCUME~1\COMPAQ~1\APPLIC~1\wklnhst.dat
2007-04-15 20:12 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-04-13 20:01 -------- d-------- C:\Program Files\bittorrent
2007-04-11 17:37 -------- d-------- C:\Program Files\championship manager 2006
2007-04-11 16:51 -------- d-------- C:\Program Files\limewire
2007-03-26 17:04 -------- d-------- C:\Program Files\quicktime
2007-03-24 08:23 -------- d-------- C:\Program Files\itunes
2007-03-24 08:23 -------- d-------- C:\Program Files\ipod
2007-03-20 22:03 -------- d--h----- C:\DOCUME~1\COMPAQ~1\APPLIC~1\move networks
2007-03-18 20:34 -------- d-------- C:\Program Files\total video player
2007-03-17 09:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-12 20:05 -------- d-------- C:\Program Files\hp
2007-03-12 20:04 -------- d-------- C:\Program Files\hewlett-packard
2007-03-09 00:02 75512 --a------ C:\WINDOWS\zllsputility.exe
2007-03-09 00:01 1087216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-03-08 11:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 11:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 11:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 09:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-04 19:43 -------- d--h----- C:\DOCUME~1\COMPAQ~1\APPLIC~1\ijji
2007-02-17 02:57 127034 -r------- C:\WINDOWS\bwunin-8.1.1.50-8876480sl.exe
2007-02-05 16:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar4.dll
{AAAE832A-5FFF-4661-9C8F-369692D1DCB9} C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
{D651AFF4-9590-424d-BD1E-8E33E090DFB3} C:\WINDOWS\system32\kpgidhcw.dll [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
@=""
"PCDrProfiler"=""
"HPBootOp"="\"C:\\Program Files\\Hewlett-Packard\\HP Boot Optimizer\\HPBootOp.exe\" /run"
"OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\FirstStart.exe"
"nmapp"="\"C:\\Program Files\\Pure Networks\\Network Magic\\nmapp.exe\" -autorun -nosplash"
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 2007\\pccguide.exe\""
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\Logitech\\LComMgr\\Communications_Helper.exe\""
"LVCOMSX"="\"C:\\Program Files\\Common Files\\Logitech\\LComMgr\\LVComSX.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"InfoData"="rundll32.exe \"C:\\WINDOWS\\system32\\iioxwmlr.dll\",realset"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\Monitor.exe -NoStart"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdayv

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam10\\QuickCam10.exe\" /hide"
"LogitechVideo[inspector]"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Compaq Connections.lnk"
"backup"="C:\\WINDOWS\\pss\\Compaq Connections.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMPAQ~1\\5577497\\Program\\COMPAQ~1.EXE -startup"
"item"="Compaq Connections"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech Desktop Messenger.lnk"
"backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LOGITE~1.EXE -startup"
"item"="Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bittorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"hkey"="HKCU"
"inimapping"="0"
"item"="CTFMON.EXE"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"hkey"="HKLM"
"inimapping"="0"
"item"="HP Software Update"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"command"="%systemroot%\\system32\\dumprep 0 -k"
"hkey"="HKLM"
"inimapping"="0"
"item"="KernelFaultCheck"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
"command"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"hkey"="HKCU"
"inimapping"="0"
"item"="LDM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"hkey"="HKLM"
"inimapping"="0"
"item"="QuickTime Task"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"command"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"hkey"="HKLM"
"inimapping"="0"
"item"="SunJavaUpdateSched"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"hkey"="HKLM"
"inimapping"="0"
"item"="TkBellExe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{290daaa4-3acc-11db-920a-001731114230}]
Shell\AutoRun\command J:\setupSNK.exe


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-01 18:03:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@cpvfeed[2].txt 4096 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1


********************************************************************

Completion time: 07-05-01 18:16:10 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-05-01 18:16

#9 Chrispringle

Chrispringle

    Member

  • Full Member
  • 10 posts

Posted 01 May 2007 - 05:26 PM

this is my hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 6:25:29 PM, on 5/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Compaq_Owner\My Documents\chris\download\Logs\HijackThis.exe
c:\windows\system\hpsysdrv.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\kpgidhcw.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\iioxwmlr.dll",realset
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZNfox000
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1154820196015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165070148765
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload....Plugin10USA.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
O20 - Winlogon Notify: iifdayv - iifdayv.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#10 Indrid_Cold

Indrid_Cold

    Forum Deity

  • Emeritus
  • 7,070 posts

Posted 03 May 2007 - 02:39 PM

You have not been forgotten Chrispringle. Just a bit overscheduled and we will have a reply for you soon.
Hope is not a method.

If I have helped in some way, please consider donating to SpywareInfo's crusade against Malware See Here

Member of ASAP since 2004 Alliance of Security Analysis Professionals
Member of UNITE since 2006 United Network of Instructors and Trained Eliminators

Fight back Malware Complaints

#11 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • 265 posts

Posted 05 May 2007 - 12:41 PM

* Good work Chrispringle :) ,
you did the steps very well! The main infection is gone by now, but we still need to deal with the other issues.

* Please copy and paste this post into Notepad or print it out again.

* I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.


* Go to Start - Control Panel - Software - Add or Remove Programs and uninstall (if present):

Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
Cowabanga by OIN
Or everything similar with OIN

If you can't find anything with OIN in the list, then please download and run this uninstaller.



* You have an optional program that I strongly suggest you remove.
You are running MyWebSearch (or MyBar). This is not technically malware, but it is thought to be bad by many experts and it will bring malware with it. There are safer alternatives available such as the Google toolbar (which you already have). I recommend that you remove it.
If you decide to remove the program you have to uninstall it:
- Go to Start - Control Panel - Software - Add or Remove Programs and uninstall MyWebSearch

* Please run HijackThis, hit "Scan" and check all items I suggest that you fix (if present):

O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\kpgidhcw.dll (file missing)
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\iioxwmlr.dll",realset
O20 - Winlogon Notify: iifdayv - iifdayv.dll (file missing)


The next part is the optional entries that I highly recommend you fix!
If you decide to remove the optional program, put a check next to the following entries as well:
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZNfox000


Please, close all open windows and browsers except HijackThis and click the 'Fix checked' button. Close HijackThis.

* Please Reboot the computer. (Important!)

* Delete the following file and folder (if still present):

This file:


C:\WINDOWS\system32\iioxwmlr.dll

If you uninstalled MyWebSearch remove next folder also:

This folder:

C:\Program Files\MyWebSearch

* Empty your recycle bin.

* Your Java is outdated. Updating Java

* Go to Start > Control Panel double-click on the Software icon > add/remove programs.
* Search in the list for all previously installed versions of Java. (J2SE Runtime Environment.... )
It should have next icon next to it: IPB Image
Select it and click Remove.
* Then Download and install the newest version from here:
http://java.sun.com/...loads/index.jsp


* I notice you are running 2 Antivirus programs in resident mode. (AVG Antivirus and PC-Cilin 2002) This is NOT a good idea since they can conflict with each other. Because PC-Cilin 2002 is a part of your Trend Micro Internet Security 2007, I would recommend that you disable AVG's real time protection and then use it for periodic scans.

* I also notice you are running 2 Software Firewalls, (ZoneAlarm firewall and Trend Micro Personal Firewall) This is not a good idea. You should never run more than one software firewall as they can conflict. Because Trend Micro Personal Firewall is a part of your Trend Micro Internet Security 2007, I would recommend that you uninstall ZoneAlarm.

* Please post a fresh log from HijackThis. Please let me know if you have any problems during the fix and how the computer is running now.

Good Luck.

#12 Chrispringle

Chrispringle

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 05 May 2007 - 03:21 PM

i don't actually have Trend Micro Internet Security 2007 running on my computer, i installed their 30 day free trial and when i went to uninstall it it left around 10 things in the program files and won't uninstall completely. Any advice on that matter would be a great help

thank you

#13 Chrispringle

Chrispringle

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 05 May 2007 - 03:22 PM

Logfile of HijackThis v1.99.1
Scan saved at 4:21:36 PM, on 5/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Owner\My Documents\chris\download\Logs\HijackThis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1154820196015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165070148765
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload....Plugin10USA.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#14 Indrid_Cold

Indrid_Cold

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 7,070 posts

Posted 05 May 2007 - 05:48 PM

May we please have some feedback on how your computer is now running?
Hope is not a method.

If I have helped in some way, please consider donating to SpywareInfo's crusade against Malware See Here

Member of ASAP since 2004 Alliance of Security Analysis Professionals
Member of UNITE since 2006 United Network of Instructors and Trained Eliminators

Fight back Malware Complaints

#15 Chrispringle

Chrispringle

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 05 May 2007 - 07:56 PM

as far as i can tell it is working perfectly thank you very much :)
of course my mum hasn't touched it yet so who knows lol
thank you again

#16 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • PipPipPipPip
  • 265 posts

Posted 06 May 2007 - 05:28 PM

Hi Chrispringle :wave:

Can you please post a fresh log from HijackThis? :)

Thank you in advance. Mieke.

#17 Chrispringle

Chrispringle

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 06 May 2007 - 06:04 PM

Logfile of HijackThis v1.99.1
Scan saved at 7:02:59 PM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Compaq_Owner\My Documents\chris\download\Logs\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1154820196015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165070148765
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload....Plugin10USA.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
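
What the helper checks by eye in each fresh log can be sketched in code. This is an added example, not part of the original thread and not HijackThis's own code: it parses log entries, lists those marked "(file missing)", and checks whether entries from a fix list still appear in a later log. The sample lines are excerpts copied from the fix list and the 5/6/2007 log in this thread; the function names are illustrative.

```python
import re
from dataclasses import dataclass

# Entry lines start with a section code (R3, O2, O4, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O23 bodies have the shape "Service: <name> - <owner> - <path>".
SERVICE_RE = re.compile(r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$")
MISSING = "(file missing)"


@dataclass(frozen=True)
class Entry:
    code: str
    body: str            # text after the code, without the "(file missing)" marker
    file_missing: bool
    unknown_owner: bool  # only ever True for O23 service entries


def parse_log(text):
    """Return the entries of a HijackThis log, skipping header and process list."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        body = m.group("body").strip()
        missing = body.endswith(MISSING)
        if missing:
            body = body[: -len(MISSING)].rstrip()
        svc = SERVICE_RE.match(body) if m.group("code") == "O23" else None
        unknown = svc is not None and svc.group("owner") == "Unknown owner"
        entries.append(Entry(m.group("code"), body, missing, unknown))
    return entries


def orphaned(entries):
    """Entries whose target file is gone: leftovers of a removal or partial uninstall."""
    return [e for e in entries if e.file_missing]


def still_present(fix_list, fresh_log):
    """Entries from a fix list that a later log still contains."""
    fresh = {(e.code, e.body.lower()) for e in parse_log(fresh_log)}
    return [e for e in parse_log(fix_list) if (e.code, e.body.lower()) in fresh]


# Excerpt of the fix list posted in this thread.
FIX_LIST = r"""
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\kpgidhcw.dll (file missing)
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\iioxwmlr.dll",realset
O20 - Winlogon Notify: iifdayv - iifdayv.dll (file missing)
"""

# Excerpt of the log saved on 5/6/2007 in this thread.
FRESH_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

if __name__ == "__main__":
    print("fix-list entries still present:", still_present(FIX_LIST, FRESH_LOG))
    for e in orphaned(parse_log(FRESH_LOG)):
        print("orphaned:", e.code, e.body)
```

On these excerpts none of the fix-list entries remain, while the two Trend Micro services show up as orphaned, which matches the incomplete uninstall described in post #12.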

#18 Indrid_Cold

Indrid_Cold

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 7,070 posts

Posted 07 May 2007 - 06:54 PM

Thank you for the log Chrispringle. We will have a reply for you soon.

#19 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • PipPipPipPip
  • 265 posts

Posted 09 May 2007 - 02:19 AM

Hi Chrispringle, thank you for your patience. :D

* Please make a backup from your Registry:
  • Click Start - Run and type the following in bold: regedit, press your Enter Key.
  • Now you will see the Registry Editor.
  • With the cursor on 'My Computer' in regedit, right-click and select Export.
  • Save the file as saved.reg and then exit from Regedit.
* Please create a new Restore Point:
  • Click Start > Programs > Accessories > System Tools and click System Restore.
  • Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name, then click Create. The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then click Start > Run and type the following in bold: Cleanmgr
  • Click OK.
  • Click the More Options Tab.
  • Click Clean Up in the System Restore section to remove all previous restore points except the newly created one.
* Please try one of the following solutions to remove PC-cillin Internet Security:

1. Click Start and then select Trend Micro PC-cillin Internet Security 2007 > Click Uninstall Trend Micro PC-cillin Internet Security.

2. Click Start - Control Panel - Software - Add or Remove Programs and uninstall:

Trend Micro PC-cillin Internet Security 2007

3. Click Start - Run and type the following in bold: msiexec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832}
Click "OK". Click OK again when asked to confirm your decision.

* Please restart your computer and post a fresh log with HijackThis in your next reply. Please let me know if you have got problems during the removing process.

Mieke. :)

#20 Mieke

Mieke

    HJT Helper

  • Retired Staff - Helper
  • PipPipPipPip
  • 265 posts

Posted 01 June 2007 - 05:03 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.



