1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Contracted a trojan cannot kill it.

Discussion in 'Virus & Other Malware Removal' started by mattbro75, Jan 20, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    I have Avast as my AV and it detects it all the time, but none of the possible options they give Move to chest, delete, repair seem to stop it from coming back.

    I have googled this and cannot find any info. Please help.

    Here's the info Avast gives me:

    C:\WINDOWS\SMS5_HOOk.DLL\[Morphine]

    Win32:Trojan-gen. {Other}
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Click here to download HJTsetup.exe: http://www.thespykiller.co.uk/files/HJTSetup.exe
    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  3. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    Thanks, here's the log.

    Logfile of HijackThis v1.99.1
    Scan saved at 11:39:04 AM, on 1/20/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/Ser...om/mail/?ui=html&zy=l&ltmpl=wsad&ltmplcache=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130365689546
    O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: WeitsServes - Unknown owner - C:\WINDOWS\SMS5.EXE
     
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Click here to download the trial version of Ewido Security Suite:
    http://www.ewido.net/en/download/

    · Install Ewido.
    · During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    · Launch ewido.
    · It will prompt you to update click the OK button and it will go to the main screen.
    · On the left side of the main screen click update.
    · Click on Start and let it update.
    · DO NOT run a scan yet.

    Restart your computer into Safe Mode now.
    (Start tapping the F8 key at Startup, before the Windows logo screen).
    Perform the following steps in Safe Mode:

    * Run Ewido:
    Click on scanner
    Click Complete System Scan and the scan will begin.
    During the scan it will prompt you to clean files, click OK.
    When the scan is finished, look at the bottom of the screen and click the Save report button.
    Save the report to your desktop.

    Reboot.

    Post a new Hijack This log and the results of the Ewido scan.
     
  5. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    Ewido scan report: Part 1 of 2

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 12:47:34 PM, 1/20/2006
    + Report-Checksum: 83B421AA

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
    :mozilla.7:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.8:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.9:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.10:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.11:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.12:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.17:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.43:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.46:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.62:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.63:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.64:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.65:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.66:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.67:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
    :mozilla.68:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
    :mozilla.69:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.70:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.71:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.75:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.76:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.77:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.78:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
    :mozilla.100:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.101:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
    :mozilla.102:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.103:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.104:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.105:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.106:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.107:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.108:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.109:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.111:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.112:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.113:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.114:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.115:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.116:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.117:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.118:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.119:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.120:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.121:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.122:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.123:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.124:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.125:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.126:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.127:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.128:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.129:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.130:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.131:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.132:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.133:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.149:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
    :mozilla.150:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.151:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.152:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.154:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.155:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
    :mozilla.156:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    :mozilla.157:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
    :mozilla.188:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.194:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
    :mozilla.195:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.217:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
     
  6. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    Ewido scan report 2 of 2 (it was too long to post)



    :mozilla.218:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
    :mozilla.223:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.224:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.225:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.226:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.227:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.228:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.229:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.230:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.231:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.232:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.233:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.234:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.235:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.236:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.252:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.253:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.254:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.255:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.256:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.257:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.258:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.259:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.260:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.261:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.262:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
    :mozilla.269:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.270:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.271:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.272:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.273:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
    :mozilla.320:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
    :mozilla.372:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.445:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
    :mozilla.458:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
    :mozilla.459:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
    :mozilla.462:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
    :mozilla.472:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
    :mozilla.498:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.499:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.500:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.501:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.502:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.509:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
    :mozilla.532:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.533:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.534:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.535:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.536:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.537:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.538:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
    :mozilla.539:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
    :mozilla.543:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    :mozilla.587:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.588:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.589:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.590:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.591:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
    :mozilla.598:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adition : Cleaned with backup
    :mozilla.599:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adition : Cleaned with backup
    :mozilla.600:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.601:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.602:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.603:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.604:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.605:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.635:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
    :mozilla.636:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
    :mozilla.697:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    :mozilla.698:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    :mozilla.699:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    :mozilla.700:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.701:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.702:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.706:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.707:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.708:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.766:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    :mozilla.798:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.811:C:\Documents and Settings\Jmoadtite Brothers\Application Data\Mozilla\Firefox\Profiles\6pzddwiu.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.Centrport : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.Revenue : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Jmoadtite Brothers\Cookies\jmoadtite [email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
    C:\WINDOWS\SMS5.DLL -> Backdoor.Hupigon.jn : Cleaned with backup
    C:\WINDOWS\SMS5.EXE -> Backdoor.Hupigon.ig : Cleaned with backup
    C:\WINDOWS\Temp\trz14B.tmp -> Backdoor.Hupigon.ji : Cleaned with backup


    ::Report End
     
  7. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    New HJT logfile

    Looks like Ewido got it. Last three entries fixed. Thanks! Can you tell me anything more about this bugger? What sort of activity could have resulted in it? Only one of the three machines I run on my home netowork came down with this. The one thing different about this machine is that I take it to school (college) with me and it often connects with various wireless networks there. Is that a likely cause?

    This seems to be a keylogger of some sort? How worried should I be in that regard?

    Think I should purchase Ewido? I'm not familiar with it. Currently run Spybot SD, Avast AV, MS firewall, and adaware.

    At any rate, MUCH THANKS!!(y)

    Logfile of HijackThis v1.99.1
    Scan saved at 1:01:21 PM, on 1/20/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/Ser...om/mail/?ui=html&zy=l&ltmpl=wsad&ltmplcache=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130365689546
    O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: WeitsServes - Unknown owner - C:\WINDOWS\SMS5.EXE (file missing)
     
  8. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Yes that sounds like the cause.

    Up to you if you wanna purcahse it. Right now, the free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times. The purchased license code of the plus version can be entered at any time.

    Be back shortly with instructions
     
  9. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Click Start – Run - and type in:

    services.msc

    Click OK.

    In the services window find: WeitsServes

    Right click and choose Properties. On the General tab under Service Status click the Stop button to stop the service. Beside Startup Type in the dropdown menu select Disabled. Click Apply then OK. Exit the Services utility.

    Note: You may get an error here when trying to access the properties of the service. If you do get an error, just select the service and look there in the top left of the main service window and click "Stop" to stop the service. If that gives an error or it is already stopped, just skip this step and proceed with the rest.

    Rescan with Hijack This.
    Close all browser windows except Hijack This.
    Put a check mark beside these entries and click "Fix Checked".

    O23 - Service: WeitsServes - Unknown owner - C:\WINDOWS\SMS5.EXE (file missing)

    Reboot.
    Post a new log.
     
  10. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    Here's the new log. I was unable to find the entry you asked me to fix. Is that a reason to worry or just something we already did killed it?

    Thanks.

    Logfile of HijackThis v1.99.1
    Scan saved at 2:50:36 PM, on 1/20/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/accounts/Ser...om/mail/?ui=html&zy=l&ltmpl=wsad&ltmplcache=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130365689546
    O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
     
  11. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    We already got it. Everything looks good now. (y)
     
  12. mattbro75

    mattbro75 Thread Starter

    Joined:
    Jun 20, 2003
    Messages:
    76
    Thanks, you RAWK, brutha. :D (y)
     
  13. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    That's sista. ;) and you're welcome!

    You can mark your thread "Solved" from the Thread Tools drop down menu.
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/435672

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice