There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
 
Tag Cloud
audio avg avg 8 bios boot browser bsod computer cpu crash css dell desktop driver dvd email error excel explorer firefox firefox 3 freeze game graphics hard drive hardware help please hijackthis hjt install internet internet explorer itunes javascript lan laptop malware missing monitor msn network networking openoffice outlook outlook 2003 outlook express php popups problem problems router seo slow sound sp3 spyware startup trojan usb video virtumonde virus vista vundo windows windows vista windows xp winxp wireless word
Malware Removal & HijackThis Logs
Search
Search in:
 
Advanced Search
Tech Support Guy Forums > Security & Malware Removal > Malware Removal & HijackThis Logs >
error 800401f3


HELLO AND WELCOME! Before you can post your question, you'll have to register -- it's completely free! Click here to join today! We highly recommend that you print a copy of our Guide for New Members. Enjoy!

Page 1 of 2 1 2 >
 
Thread Tools
elaine@m&s's Avatar
Member with 32 posts.
  
Join Date: Sep 2005
Location: bromley kent
Experience: Beginner
29-Apr-2008, 03:37 AM #1
Unhappy error 800401f3
hi , when i did a disk clean it seems to have done something to my internet , i as the admin user can sign on to msn live but no one else can, other issues seem to have arrived as well to date there seems to be a problem with flash readers and also i could not use mirosoft update, (but that seens to have been fixed using a fix it page) my computer will not roll back to any previous times and i have to refreash to get on to most internet pages,

elaine :confused





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:46:39, on 29/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\AOL\1178575986\ee\AOLSoftware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\igfxsrvc.exe
c:\program files\common files\aol\1178575986\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1178575986\ee\aolsoftware.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1178575986\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZUxdm265YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/...lMgr_v01_5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by109fd.bay109.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1179126392375
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/...ws-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 16907 bytes
Last edited by elaine@m&s : 29-Apr-2008 03:55 AM. Reason: attach log
cybertech's Avatar
Computer Specs
Moderator with 56,053 posts.
  
Join Date: Apr 2002
Location: Washington State
12-May-2008, 02:06 PM #2
Run HijackThis and click Open the Misc Tools section
  • Click Open Uninstall Manager
  • Save list
  • click on the Desktop icon or select to save the list on the desktop
  • then click save.

Open the file and copy/paste the contents back here in your next reply.
elaine@m&s's Avatar
Member with 32 posts.
  
Join Date: Sep 2005
Location: bromley kent
Experience: Beginner
13-May-2008, 02:35 AM #3
i now seem to have an antivirus message coming up everytime i change page to, thankyou


4oD
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Reader 8.1.1
Adobe Shockwave Player 11
AOL Coach Version 1.0(Build:20040229.1 uk)
AOL Toolbar
AOL UK (Choose which version to remove)
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
AppCore
Apple Mobile Device Support
Apple Software Update
BlueSoleil
Boots F2CD Picture Suite
ccCommon
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Component Framework
Dell Resource CD
Dell ResourceCD
DellConnect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
ESPNMotion
Football Manager 2008
High Definition Audio Driver Package - KB835221
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HP Driver Diagnostics
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1200 series
HP Photosmart Essential
hp psc 1200 series
IE AntiVirus
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
iTunes
Java(TM) 6 Update 5
KhalInstallWrapper
Learn2 Player (Uninstall Only)
LimeWire 4.16.6
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech SetPoint
Logitech Video Enumerator
Logitech® Camera Driver
MAGIX Media Manager 2004 silver
MAGIX ringtone maker SE
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MVision
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
PowerDVD 5.5
QuickTime
RealPlayer Basic
Repligator 13
RocketDock 1.3.1
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
SigmaTel Audio
Smart Menus (Windows Live Toolbar)
SmartSoft Video Converter
Sonic Audio module
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony Ericsson Device Data
Sony Ericsson Drivers
Sony Ericsson PC Suite
Sony Ericsson PC Suite
Sony Media Manager 2.2
Sony Vegas 7.0
SPBBC 32bit
Spybot - Search & Destroy
SweetIM For Internet Explorer 3.0b
Symantec Real Time Storage Protection Component
SymNet
TomTom HOME
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update Rollup 2 for Windows XP Media Center Edition 2005
Update Service
Viewpoint Media Player
Windows Defender
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885295
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
cybertech's Avatar
Computer Specs
Moderator with 56,053 posts.
  
Join Date: Apr 2002
Location: Washington State
13-May-2008, 03:04 PM #4
Go to add/remove programs and remove:
IE AntiVirus

Run HJT again and put a check in the following:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZUxdm265YYGB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab

Close all applications and browser windows before you click "fix checked".



Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Select Files to Delete choose: Select All
  • Click the Empty Selected button.

Click Exit on the Main menu to close the program.



Download (save and select your desktop to save it to) SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive and all other fixed drives..
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply with a new hijackthis log.
  • Click Close to exit the program.


Please perform a scan with Kaspersky Webscan Online Virus Scanner
  • Read the Requirements and Privacy statement, then select "Accept".
  • A new window will appear promting you to install an ActiveX component from Kaspersky - "Do you want to install this software?".
  • Click "Yes" or select "Install" to download the ActiveX controls that allows ActiveScan to run.
  • When the download is complete it will say ready, click "Next".
  • Click "Scan Settings" and check the option to use the Extended Database if available otherwise Standard).
  • Click "Scan Options" and select both "Scan Archives" and "Scan Mail Bases".
  • Click "OK".
  • Under "Select a target to scan", click on "My Computer".
  • When the scan is complete choose to save the results as "Save as Text" named kaspersky.txt to your desktop and post them in your next reply.


Kaspersky does not remove anything but will provide a log of anything it finds. On August 8th, 2006 Kaspersky updated the software used for Free Online Virus Scanner. In order to continue using the online scanner you will need to uninstall the old version (if previously used) from your Add/Remove Programs list and then install the latest version. To do this, follow the steps here and reboot afterwards if your system does not reboot automatically or it will show 'Kaspersky Online Scanner license key was not found!
__________________
Microsoft MVP/Windows - Consumer Security


If we have helped you, please consider making a donation to TSG!
elaine@m&s's Avatar
Member with 32 posts.
  
Join Date: Sep 2005
Location: bromley kent
Experience: Beginner
14-May-2008, 10:25 AM #5
14 may high jack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:34, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\AOL\1178575986\ee\AOLSoftware.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\program files\common files\aol\1178575986\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1178575986\ee\aolsoftware.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: iebho - {F8A0D89E-875F-41AF-83BE-6B5780224682} - C:\WINDOWS\iebho.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1178575986\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AOLAspSunset2] C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/...lMgr_v01_5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by109fd.bay109.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1179126392375
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/...ws-i586-jc.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 16721 bytes
elaine@m&s's Avatar
Member with 32 posts.
  
Join Date: Sep 2005
Location: bromley kent
Experience: Beginner
14-May-2008, 10:35 AM #6
14th may SUPERAntiSpyware Scan Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/14/2008 at 10:42 AM

Application Version : 4.0.1154

Core Rules Database Version : 3460
Trace Rules Database Version: 1451

Scan type : Complete Scan
Total Scan Time : 01:28:19

Memory items scanned : 782
Memory threats detected : 0
Registry items scanned : 6961
Registry threats detected : 0
File items scanned : 118215
File threats detected : 273

Adware.Tracking Cookie
C:\Documents and Settings\BARRY\Cookies\barry@adopt.euroclick[2].txt
C:\Documents and Settings\BARRY\Cookies\barry@advertising[2].txt
C:\Documents and Settings\BARRY\Cookies\barry@atdmt[2].txt
C:\Documents and Settings\BARRY\Cookies\barry@counter5.sextracker[1].txt
C:\Documents and Settings\BARRY\Cookies\barry@doubleclick[2].txt
C:\Documents and Settings\BARRY\Cookies\barry@sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@112.2o7[2].txt
C:\Documents and Settings\JAMES\Cookies\james@122.2o7[2].txt
C:\Documents and Settings\JAMES\Cookies\james@2.adbrite[1].txt
C:\Documents and Settings\JAMES\Cookies\james@2.marketbanker[2].txt
C:\Documents and Settings\JAMES\Cookies\james@247realmedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@3.adbrite[1].txt
C:\Documents and Settings\JAMES\Cookies\james@4.adbrite[1].txt
C:\Documents and Settings\JAMES\Cookies\james@a.websponsors[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.accelerator-media[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.joinaxxess[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.lookery[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.uk.tangozebra[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.uk.tangozebra[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.yieldmanager[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.yieldx[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad.zanox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad1.clickhype[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ad1.emediate[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ad2.clickhype[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ad2.doublepimp[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adbrite[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adecn[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adfarm1.adition[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adinterax[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adlegend[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adopt.euroclick[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adopt.specificclick[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adrevenue[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adrevolver[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads-dev.youporn[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.addynamix[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.adgoto[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.aol.co[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.as4x.tmcs[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.associatedcontent[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.ft[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.habbogroup[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.joinaxxess[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.lookery[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.lookery[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.madisonavenue[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.mediamayhemcorp[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.planetactive[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.pointroll[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.realtechnetwork[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.realtechnetwork[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.realtechnetwork[3].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.revsci[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.soft32[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.today[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ads.usercash[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ads2.firingsquad[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adserve.v-store.co[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.easyad[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.fusacapital[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.mediarun[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.netcollex.co[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.weakgame[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adserver.zo-server[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adserving.muppetism[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adtech[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adultadworld[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adultfriendfinder[1].txt
C:\Documents and Settings\JAMES\Cookies\james@advertising[2].txt
C:\Documents and Settings\JAMES\Cookies\james@adverts.digitalspy.co[1].txt
C:\Documents and Settings\JAMES\Cookies\james@adviva[2].txt
C:\Documents and Settings\JAMES\Cookies\james@anad.tacoda[1].txt
C:\Documents and Settings\JAMES\Cookies\james@anat.tacoda[1].txt
C:\Documents and Settings\JAMES\Cookies\james@aoleusearch.122.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@aoluk.122.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@apmebf[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ar.atwola[1].txt
C:\Documents and Settings\JAMES\Cookies\james@arabsexweb[2].txt
C:\Documents and Settings\JAMES\Cookies\james@as-eu.falkag[2].txt
C:\Documents and Settings\JAMES\Cookies\james@atdmt[2].txt
C:\Documents and Settings\JAMES\Cookies\james@atoc.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@atwola[2].txt
C:\Documents and Settings\JAMES\Cookies\james@audit.median[1].txt
C:\Documents and Settings\JAMES\Cookies\james@azjmp[2].txt
C:\Documents and Settings\JAMES\Cookies\james@banner.32vegas[2].txt
C:\Documents and Settings\JAMES\Cookies\james@banner.goldenpalace[2].txt
C:\Documents and Settings\JAMES\Cookies\james@banner.windowscasino[2].txt
C:\Documents and Settings\JAMES\Cookies\james@bluestreak[1].txt
C:\Documents and Settings\JAMES\Cookies\james@bravenet[1].txt
C:\Documents and Settings\JAMES\Cookies\james@brbporn[2].txt
C:\Documents and Settings\JAMES\Cookies\james@bs.serving-sys[1].txt
C:\Documents and Settings\JAMES\Cookies\james@burstnet[1].txt
C:\Documents and Settings\JAMES\Cookies\james@buzznet.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@c5.zedo[1].txt
C:\Documents and Settings\JAMES\Cookies\james@camelmedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@carphonewarehouse.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@casalemedia[1].txt
C:\Documents and Settings\JAMES\Cookies\james@cbs.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@centrica.usertracking[1].txt
C:\Documents and Settings\JAMES\Cookies\james@cgm.adbureau[2].txt
C:\Documents and Settings\JAMES\Cookies\james@clickbank[2].txt
C:\Documents and Settings\JAMES\Cookies\james@clickintext[1].txt
C:\Documents and Settings\JAMES\Cookies\james@clicks.adengage[2].txt
C:\Documents and Settings\JAMES\Cookies\james@clicksor[2].txt
C:\Documents and Settings\JAMES\Cookies\james@clicktorrent[1].txt
C:\Documents and Settings\JAMES\Cookies\james@counter1.sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@counter13.sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@counter4.sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@counter6.sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@counter7.sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@data.coremetrics[1].txt
C:\Documents and Settings\JAMES\Cookies\james@date.ventivmedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@directtrack[2].txt
C:\Documents and Settings\JAMES\Cookies\james@divx.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@divx.adbureau[2].txt
C:\Documents and Settings\JAMES\Cookies\james@doubleclick[1].txt
C:\Documents and Settings\JAMES\Cookies\james@e-2dj6wglioldpkcq.stats.esomniture[2].txt
C:\Documents and Settings\JAMES\Cookies\james@e-2dj6wjmiepd5eeo.stats.esomniture[2].txt
C:\Documents and Settings\JAMES\Cookies\james@eas.apm.emediate[1].txt
C:\Documents and Settings\JAMES\Cookies\james@edge.ru4[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-autotrader.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-bskyb.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-ctv.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-dig.hitbox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-foxmovies.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-foxsports.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-futurepub.hitbox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-ifilm.hitbox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-logantod.hitbox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-myspaceinc.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-tfl.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-vcbs.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-warnerbrothers.hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ehg-wssuk.hitbox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ero-advertising[2].txt
C:\Documents and Settings\JAMES\Cookies\james@eyewonder[1].txt
C:\Documents and Settings\JAMES\Cookies\james@ezzs.valueclick[2].txt
C:\Documents and Settings\JAMES\Cookies\james@fastclick[2].txt
C:\Documents and Settings\JAMES\Cookies\james@gallery-dax7rg2o7g61jgtu.usercash[2].txt
C:\Documents and Settings\JAMES\Cookies\james@h.starware[1].txt
C:\Documents and Settings\JAMES\Cookies\james@heavycom.122.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@hitbox[2].txt
C:\Documents and Settings\JAMES\Cookies\james@hottestxxxwebcams[2].txt
C:\Documents and Settings\JAMES\Cookies\james@i.screensavers[2].txt
C:\Documents and Settings\JAMES\Cookies\james@iacas.adbureau[2].txt
C:\Documents and Settings\JAMES\Cookies\james@image.masterstats[1].txt
C:\Documents and Settings\JAMES\Cookies\james@imrworldwide[2].txt
C:\Documents and Settings\JAMES\Cookies\james@indexstats[2].txt
C:\Documents and Settings\JAMES\Cookies\james@indextools[1].txt
C:\Documents and Settings\JAMES\Cookies\james@insightexpressai[1].txt
C:\Documents and Settings\JAMES\Cookies\james@interclick[2].txt
C:\Documents and Settings\JAMES\Cookies\james@join.porntube[1].txt
C:\Documents and Settings\JAMES\Cookies\james@kinxxx[2].txt
C:\Documents and Settings\JAMES\Cookies\james@kontera[2].txt
C:\Documents and Settings\JAMES\Cookies\james@likecrack[1].txt
C:\Documents and Settings\JAMES\Cookies\james@lotsofads.smilingtraffic[1].txt
C:\Documents and Settings\JAMES\Cookies\james@maxserving[1].txt
C:\Documents and Settings\JAMES\Cookies\james@media.adrevolver[1].txt
C:\Documents and Settings\JAMES\Cookies\james@media.adrevolver[3].txt
C:\Documents and Settings\JAMES\Cookies\james@mediaplex[2].txt
C:\Documents and Settings\JAMES\Cookies\james@metacafe.122.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@msnportal.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@myticketmarket.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@mywebsearch[1].txt
C:\Documents and Settings\JAMES\Cookies\james@nextag[2].txt
C:\Documents and Settings\JAMES\Cookies\james@o2mdnzz8605tv1nv05.usercash[1].txt
C:\Documents and Settings\JAMES\Cookies\james@optimost[1].txt
C:\Documents and Settings\JAMES\Cookies\james@overture[2].txt
C:\Documents and Settings\JAMES\Cookies\james@pacificpoker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@partners.tattomedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@partners.webmasterplan[2].txt
C:\Documents and Settings\JAMES\Cookies\james@partygaming.122.2o7[2].txt
C:\Documents and Settings\JAMES\Cookies\james@partypoker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@pornbase[1].txt
C:\Documents and Settings\JAMES\Cookies\james@pornenmeer[1].txt
C:\Documents and Settings\JAMES\Cookies\james@pornhost[1].txt
C:\Documents and Settings\JAMES\Cookies\james@pornoamateurs[2].txt
C:\Documents and Settings\JAMES\Cookies\james@pornoinside[1].txt
C:\Documents and Settings\JAMES\Cookies\james@porntube[2].txt
C:\Documents and Settings\JAMES\Cookies\james@precisionclick[1].txt
C:\Documents and Settings\JAMES\Cookies\james@pro-market[1].txt
C:\Documents and Settings\JAMES\Cookies\james@questionmarket[1].txt
C:\Documents and Settings\JAMES\Cookies\james@realmedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@reduxads.valuead[2].txt
C:\Documents and Settings\JAMES\Cookies\james@revsci[1].txt
C:\Documents and Settings\JAMES\Cookies\james@richmedia.yahoo[1].txt
C:\Documents and Settings\JAMES\Cookies\james@rocku.adbureau[2].txt
C:\Documents and Settings\JAMES\Cookies\james@roiservice[1].txt
C:\Documents and Settings\JAMES\Cookies\james@rotator.adjuggler[2].txt
C:\Documents and Settings\JAMES\Cookies\james@screensavers[2].txt
C:\Documents and Settings\JAMES\Cookies\james@server.iad.liveperson[1].txt
C:\Documents and Settings\JAMES\Cookies\james@server.iad.liveperson[3].txt
C:\Documents and Settings\JAMES\Cookies\james@server.lon.liveperson[1].txt
C:\Documents and Settings\JAMES\Cookies\james@server.lon.liveperson[3].txt
C:\Documents and Settings\JAMES\Cookies\james@serving-sys[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sexbabes[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sexbombslive[2].txt
C:\Documents and Settings\JAMES\Cookies\james@sexintheuk[2].txt
C:\Documents and Settings\JAMES\Cookies\james@sexmovies[2].txt
C:\Documents and Settings\JAMES\Cookies\james@sexreactor[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sextapecelebs[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sextracker[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sexy-trip[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sexyandshocking[2].txt
C:\Documents and Settings\JAMES\Cookies\james@sexyclips[2].txt
C:\Documents and Settings\JAMES\Cookies\james@shocking-sextapes[2].txt
C:\Documents and Settings\JAMES\Cookies\james@simplyhealth.112.2o7[1].txt
C:\Documents and Settings\JAMES\Cookies\james@sitestat.mayoclinic[2].txt
C:\Documents and Settings\JAMES\Cookies\james@smartweb.advertserve[1].txt
C:\Documents and Settings\JAMES\Cookies\james@socialmedia[2].txt
C:\Documents and Settings\JAMES\Cookies\james@specificclick[2].txt
C:\Documents and Settings\JAMES\Cookies\james@stat.dealtime[1].txt
C:\Documents and Settings\JAMES\Cookies\james@stat.onestat[2].txt
C:\Documents and Settings\JAMES\Cookies\james@statcounter[2].txt
C:\Documents and Settings\JAMES\Cookies\james@stats.channel4[1].txt
C:\Documents and Settings\JAMES\Cookies\james@stats.drivecleaner[1].txt
C:\Documents and Settings\JAMES\Cookies\james@statse.webtrendslive[2].txt
C:\Documents and Settings\JAMES\Cookies\james@superstats[1].txt
C:\Documents and Settings\JAMES\Cookies\james@tacoda[1].txt
C:\Documents and Settings\JAMES\Cookies\james@teensay.co[1].txt
C:\Documents and Settings\JAMES\Cookies\james@test.coremetrics[1].txt
C:\Documents and Settings\JAMES\Cookies\james@thats****ed[1].txt
C:\Documents and Settings\JAMES\Cookies\james@track.adform[2].txt
C:\Documents and Settings\JAMES\Cookies\james@track.omguk[1].txt
C:\Documents and Settings\JAMES\Cookies\james@tracking.summitmedia.co[1].txt
C:\Documents and Settings\JAMES\Cookies\james@tradedoubler[2].txt
C:\Documents and Settings\JAMES\Cookies\james@tribalfusion[1].txt
C:\Documents and Settings\JAMES\Cookies\james@try.screensavers[2].txt
C:\Documents and Settings\JAMES\Cookies\james@try.starware[2].txt
C:\Documents and Settings\JAMES\Cookies\james@ukbingotraffic.directtrack[1].txt
C:\Documents and Settings\JAMES\Cookies\james@valueclick[1].txt
C:\Documents and Settings\JAMES\Cookies\james@video.pornhost[1].txt
C:\Documents and Settings\JAMES\Cookies\james@videoegg.adbureau[2].txt
C:\Documents and Settings\JAMES\Cookies\james@winantivirus[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.addfreestats[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.amateurpornz[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.burstbeacon[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.burstnet[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.camelmedia[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.clash-media[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.comprabanner[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.counterstatistik[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.freesmutporno[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.galleries-porno[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.googleadservices[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.googleadservices[4].txt
C:\Documents and Settings\JAMES\Cookies\james@www.pornenmeer[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.pornhub[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.pornoamateurs[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.porntube[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.ppctracking[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.sextapecelebs[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.sexy-trip[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.sexyclips[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.thats****ed[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.thumbxxx[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www.trafficholder[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.winantivirus[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www.xxxmsncam[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www1.addfreestats[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www5.addfreestats[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www6.addfreestats[1].txt
C:\Documents and Settings\JAMES\Cookies\james@www7.addfreestats[2].txt
C:\Documents and Settings\JAMES\Cookies\james@www8.addfreestats[2].txt
C:\Documents and Settings\JAMES\Cookies\james@xiti[1].txt
C:\Documents and Settings\JAMES\Cookies\james@xxxcounter[1].txt
C:\Documents and Settings\JAMES\Cookies\james@xxxporn[1].txt
C:\Documents and Settings\JAMES\Cookies\james@yadro[2].txt
C:\Documents and Settings\JAMES\Cookies\james@youporn[2].txt
C:\Documents and Settings\JAMES\Cookies\james@zbox.zanox[1].txt
C:\Documents and Settings\JAMES\Cookies\james@zedo[1].txt
cybertech's Avatar
Computer Specs
Moderator with 56,053 posts.
  
Join Date: Apr 2002
Location: Washington State
14-May-2008, 10:36 AM #7
Did you get a Kaspersky log?

Run HJT again and put a check in the following:

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: iebho - {F8A0D89E-875F-41AF-83BE-6B5780224682} - C:\WINDOWS\iebho.dll

Close all applications and browser windows before you click "fix checked".



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 6.
  • Scroll down to where it says Java Runtime Environment (JRE) 6 Update 6. The Java SE Runtime Environment (JRE) allows end-users to run Java applications (the fifth one in the list)..
  • Click the "Download" button to the right. A new page will open.
  • Select your platform and check the box that says: I agree to the Java SE Runtime Environment 6 License Agreement.
  • Click Continue.
  • Click on the link under Windows Offline Installation (jre-6u6-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Go to Start - Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on the download to install the newest version.
__________________
Microsoft MVP/Windows - Consumer Security


If we have helped you, please consider making a donation to TSG!