There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Virus & Other Malware Removal
Go to first new post Black desktop, missing all shortcuts, fi ...
Go to first new post Extremely unresponsive, massive hang-ups ...
Go to first new post Incredibar Removal - Support Pls!
Go to first new post need help regarding malware/spyware
Go to first new post Somethings Amiss....
Go to first new post "svchost application error 0x6fe217 ...
Go to first new post Family Cyber Removal
Go to first new post Cannot access any google sites - youtube ...
Go to first new post We Got System Checked :-(
Go to first new post Trojan: Win32/Alureon.FK - hijack this l ...
Go to first new post System Check problem
Go to first new post slow computer, downloads over a few mb f ...
Go to first new post Overall Sluggish Performance, Video Hicc ...
Go to first new post Extremely slow computer
Go to first new post RegClean Pro
Tag Cloud
access acer asus batch bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop lcd malware memory monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless xbox
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
Annoying Virus - Please help! (New)

Page 1 of 3 1 23
Reply  
Thread Tools
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
26-May-2006, 05:25 PM #1
Annoying Virus - Please help!
I have been infected with a virus, here's the messy stuff:

1, I now have six question marks next to my clock (??????)
2, It's removed the 'run' button on the Start menu.
3, If i try to bring up the Task Manager it says this has been disabled by the administrator. (which it hasn't, because it's my personal compy)
4, It tried to email all my addresses etc,

I'm running Windows XP, if you need any other information please ask.
Successful virus destroyee will have my firstborn child named after them.
Thanks, Gary.
Register for free to hide this ad!
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
26-May-2006, 05:41 PM #2
Hi and welcome

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
26-May-2006, 06:19 PM #3
Thanks! Here we are: note the question marks are there too!

Logfile of HijackThis v1.99.1
Scan saved at 22:17:28 ??????, on 26/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B95942C8-21DE-4F68-9F1E-B3D3DB9CE39B}: NameServer = 205.188.146.145
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
27-May-2006, 01:40 PM #4
* Click here to download the trial version of Ewido Security Suite.

· Install Ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido.
· It will prompt you to update click the OK button and it will go to the main screen.
· On the left side of the main screen click update.
· Click on Start and let it update.
· DO NOT run a scan yet.

Restart your computer into Safe Mode now.
(Start tapping the F8 key at Startup, before the Windows logo screen).
Perform the following steps in Safe Mode:

* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK.
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop.

Reboot.

Post a new Hijack This log and the results of the Ewido scan.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
27-May-2006, 07:51 PM #5
Here's the results, i have to split them over posts as it won't let me post the whole thing.
Thanks.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 23:38:03 ??????, 27/05/2006
+ Report-Checksum: D8D51269

+ Scan result:

:mozilla.6:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.533:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
27-May-2006, 07:52 PM #6
:mozilla.539:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.545:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.547:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.561:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.562:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.686:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
C:\Documents and Settings\Gary E\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-5652d272.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@a-1shz2prbmdj6wvny-1sez2pra2dj6wjl...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ads.euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@bellglobemediapublishing.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cneteurope.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@content.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4agdpgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4cocpwdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4ghdzeeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4ukc5sdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4whd5khp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiahazggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkieoazoho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkigldzglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiqocjckp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiwjajeao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoancjkho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkocpazmbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoehczgbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkognczclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoqpdjgcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkougajwco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkowid5mfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkownazeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkycmc5agp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkykmcjaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkyuid5ofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4gocpifq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4khcjado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4kidpsgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4skdpigp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflighdzgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfligkazakq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliomajekq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliqmczkdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliwhcjiep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflocgajeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfloqkdpgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflyoiazglp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiamczcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmighcpalq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiqndjmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmismcpwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiwhd5ggp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiwkazslq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmyeocjwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmyqldjgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgk4qpdjgbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgk4slcjgcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkigld5ikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkikodzafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkiwkczsfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoahd5wao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoglazccp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoulc5oco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkowhdzcdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkowkc5efo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkygmazafp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkyqhcpkbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkywkczkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgl4qgc5sfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4elajokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4gkazmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4kkczggp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4kld5kdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4ugdzwko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4undjieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4upajgkq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoancpglo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoehcpclq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkyegdzocp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkysjdjgfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4ajdjggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4ckc5wcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4uoczmbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjliknazsdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjliooazabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlisnczmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlogpajkgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjloogdzegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjloqkc5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlowicpcdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlowid5mgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyamd5kfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyslc5iao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyujd5wdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiamd5cgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmieldpckq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmigpcjocp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiolcjkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmioncjmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiqgc5sco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyelcpkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyenajcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyendpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmygocpicp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmysgd5cep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmysld5scq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyuodpeep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyakd5sho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyakdpgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnycndzoho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyoic5gap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyqpazifq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyqpc5ecp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@eurostar.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@image.masterstats[2].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@microsoftuk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@news.com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@saksfifthavenue.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@server.lon.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@service.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@skyeurope.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...mniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfl...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfl...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjk...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjm...mniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Program Files\ScanSpyware v3.8.0.4\SSBackup\ssTemp.zip/gary e@ads.euniverseads[1]4.txt -> TrackingCookie.Euniverseads : Cleaned with backup
C:\Program Files\ScanSpyware v3.8.0.4\SSBackup\ssTemp.zip/gary e@ads.realcastmedia[2]5.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\RECYCLER\S-1-5-21-2253077151-3868891257-2426844156-1005\Dc222.exe -> Worm.VB.ee : Cleaned with backup
C:\RECYCLER\S-1-5-21-2253077151-3868891257-2426844156-1005\Dc223.exe -> Worm.VB.ee : Cleaned with backup
C:\WINDOWS\system32\shehalx.dll -> Backdoor.IRCBot.od : Cleaned with backup
C:\WINDOWS\system32\Win1145695.exe -> Worm.VB.ee : Cleaned with backup


::Report End
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
27-May-2006, 07:53 PM #7
And the Hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 23:43:38 ??????, on 27/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
28-May-2006, 01:30 AM #8
Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm

Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan.
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the ActiveScan report.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
28-May-2006, 04:57 PM #9
Thank you!
Here we are:


Incident Status Location

Adware:adware/wupd Not disinfected Windows Registry
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt[.rightmedia.net/]
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@64.62.232[6].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adopt.hbmediapro[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adrevolver[3].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@ath.belnk[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@atwola[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@belnk[1].txt
Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@c.fsx[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@c2.gostats[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@casalemedia[2].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@ct.360i[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@did-it[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@dist.belnk[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@fe.lea.lycos[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@gostats[2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@go[1].txt
Spyware:Cookie/Mp3search Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@mp3search[2].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@rightmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@searchportal.information[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@statcounter[1].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@target[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@toplist[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@www.affiliatefuel[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@xiti[2].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@xmts[1].txt
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]
Potentially unwanted tool:Application/Pskill.A Not disinfected E:\OSONLY\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
28-May-2006, 05:22 PM #10
Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe

O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe

Close Hijack This.

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then Click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


    C:\Program Files\Viewpoint\
    C:\WINDOWS\System32\svhda.exe

  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

Post a new Hijack This log.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
28-May-2006, 05:26 PM #11
Can i just check, i know what the xxxsite-u stuff is , it's a site i was doing on my computer, i know and want that stuff, should i leave that un checked?
Thanks
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
28-May-2006, 05:27 PM #12
If you know those entries then you don't have to fix them.
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
28-May-2006, 06:10 PM #13
Thank you again for your help,
i don't know if this helps, but there is a thread ongoing here with exactly the same problem as me:http://forums.techguy.org/security/4...lock-date.html
Logfile of HijackThis v1.99.1
Scan saved at 22:06:56 ??????, on 28/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Cheeseball81's Avatar
Moderator & Malware Removal Specialist with 80,165 posts.
  
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
28-May-2006, 06:15 PM #14
You're welcome
There are some files I'd lke to get analyzed that look alittle suspicious:

Go to the forum here: http://www.thespykiller.co.uk/forum/index.php?board=1.0
Upload this (these) file(s):

C:\drivers\deltreew.exe
C:\cabs

Here are the directions for uploading the file:

Just click "New Topic", fill in the needed details and post a link to your thread here. Click the "Browse" button. Navigate to the file on your computer. When the file is listed in the window click "Post" to upload the file.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
hornet67's Avatar
Junior Member with 18 posts.
  
Join Date: May 2006
Experience: Beginner
28-May-2006, 06:17 PM #15
Off to do that now, don't know if it helps but i edited my last post, at the top is a link to an ongoing thread that a guy has here with the same problem.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 1 of 3 1 23

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 02:07 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.