egcomservice_1046.dll message

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
When I switch on my computer It always shows two messages : "egcomservice_1046.dll message. The specified module could not be found". How can I solve that problem? Thanking you in advance.
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
MFDnSC said:
Get HiJack This V1.99.1 http://thespykiller.co.uk/files/hijackthis_sfx.exe - double click the DL file and click UNZIP letting it extract to its default folder C:\Program FIles\HiJackThis, run it from there, DO NOT fix anything, post the log here.
Thanks MFDnSC. Here is the the logfile you asked for:
Logfile of HijackThis v1.99.1
Scan saved at 20:35:10, on 08/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\tcpsvcs.exe
E:\WINDOWS\System32\snmp.exe
E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\QuickTime\qttask.exe
E:\WINDOWS\System32\devldr32.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
E:\Program Files\HbTools\Bin\4.6.4.1\HbtOEAddOn.exe
E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe
E:\Program Files\Common Files\eAcceleration\eanthology.exe
E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe
E:\Program Files\Trust\250S Series\lwbwheel.exe
E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
E:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\WINDOWS\System32\LVCOMSX.EXE
E:\PROGRA~1\ACCELE~1\VELOZD~1\veloz.exe
E:\Program Files\Logitech\Video\LogiTray.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
E:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
E:\Program Files\WinZip\WZQKPICK.EXE
E:\Program Files\Logitech\Video\FxSvr2.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=E:\WINDOWS\System32\Userinit.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - E:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Bladi Toolbar - {A7A46FCF-40E3-4EA5-A8DA-7865D52B9571} - E:\Program Files\IEToolbar\bladi_net.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - E:\Program Files\Starware\bin\Starware.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - E:\Program Files\HbTools\Bin\4.6.4.1\HbtHostIE.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - E:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [websx] E:\Program Files\websx\int437937.exe -auto
O4 - HKLM\..\Run: [WebScan] "E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [sginst] E:\PROGRA~1\ACCELE~1\SCRIPT~1\sginst.exe /upd
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LingvoTraining] "E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Tutor.exe" /ND /NW /AS
O4 - HKLM\..\Run: [Lanceur FinePrint v5] "E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Instant Buzz Daemon] E:\Program Files\Instant Buzz\IBDaemon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [ifwjqn] E:\WINDOWS\ifwjqn.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [HbTools] E:\Program Files\HbTools\Bin\4.6.4.1\HbtOEAddOn.exe
O4 - HKLM\..\Run: [gjkjsbwp] E:\WINDOWS\gjkjsbwp.exe
O4 - HKLM\..\Run: [eanth_system_patcher] "E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe" /Startup
O4 - HKLM\..\Run: [EanthologyApp] "E:\Program Files\Common Files\eAcceleration\eanthology.exe" /b Startup
O4 - HKLM\..\Run: [dguard] E:\PROGRA~1\ACCELE~1\DOWNLO~1\dguard.exe
O4 - HKLM\..\Run: [BO1HelperStartUp] E:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [BI1HelperStartUp] E:\PROGRA~1\BEACHI~1\BI1HEL~1.EXE /partner BI1
O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus
O4 - HKLM\..\Run: [CnxDslTaskBar] "E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe"
O4 - HKLM\..\Run: [TrustInstaller] H:\Setup.EXE
O4 - HKLM\..\Run: [LWBMOUSE] E:\Program Files\Trust\250S Series\lwbwheel.exe
O4 - HKLM\..\Run: [PCShowBuzz] E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [eMailEncryption] E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus /ro
O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMSERVICE_1046.dll,InstantAccess
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Norton GoBack.lnk = E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm795YYRU
O8 - Extra context menu item: &Translate English Word - res://e:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire &[ - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Générateur &G - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O8 - Extra context menu item: Personnaliser le menu - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire &] - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://e:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Translate with Lingvo - res://E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lingvo.exe/3000
O9 - Extra button: Instant Buzz - {066040F0-5018-4E15-8AA0-81D36136D989} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra 'Tools' menuitem: Block This Page - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Générateur &G - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &R - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - E:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: i-Nav Options - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O12 - Plugin for .pdf: E:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1064_XP.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab
O16 - DPF: {086A694F-91FB-4068-B44C-124FB69BF05D} - http://www.searchwww.com/search.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/playersd/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=d5ce257857a083868c1f4672b0407c8b9379fe5496c0e7d74dd5b79e931ad6d6d9b0f3669e53e51b8fba848fa8088c3fc64cb0edfedca287d6c4c1b056f368:c05c8ac2b23f939ff11a0351cafa03db
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2AEEAC34-FD74-4142-B891-4B05C0C03C87} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMSERVICE_1042_pack_XP.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_EN_XP.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_1002902.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by23fd.bay23.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {62360003-D8A7-418B-9DC6-2B9DE95273A0} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v8/0326/ticker.cab
O16 - DPF: {7565A160-5C60-4866-A120-F4D5B2BA3AAE} (FSLoaderCtrl Class) - http://www.clickedyclick.com/Download_Helper/fsloader_v3.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.myfree-classifieds.com/software/visual/isetup.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://cnet.radarsync.com/RSActiveX.ocx
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1068_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BA14D944-0D8C-4F16-A950-6E53EEBB558F} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1040_EN_XP.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D7B59209-0ED9-4986-BD4A-527BE836C6B2} - http://akamai.downloadv3.com/binaries/DialHTML/EGCOMSERVICE_1046_XP.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw12fd.law12.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC48D9C0-FD30-427F-A32D-485F77663154}: NameServer = 212.188.4.10 195.34.32.116
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: FWService - eAcceleration Corp. - E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
O23 - Service: GBPoll - Symantec Corporation - E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - E:\Program Files\VeriSign\NAVI\naviagent.exe
 
Joined
Sep 7, 2004
Messages
49,014
Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
· Install ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido
· It will prompt you to update click the OK button and it will go to the main screen
· On the left side of the main screen click update
· Click on Start and let it update.
· DO NOT run a scan yet. You will do that later in safe mode.

Restart your computer into safe mode now. Perform the following steps in safe mode:
(Start tapping F8 at the first black screen after power up)

Run Ewido:
· Click on scanner
· Click Complete System Scan and the scan will begin.
· During the scan it will prompt you to clean files, click OK
· When the scan is finished, look at the bottom of the screen and click the Save report button.
· Save the report to your C: Drive
This will take some time to run!
Boot to normal mode
Post that log and a new HiJack log
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
Logfile of HijackThis v1.99.1
Scan saved at 23:36:21, on 08/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
E:\WINDOWS\System32\tcpsvcs.exe
E:\WINDOWS\System32\snmp.exe
E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\System32\devldr32.exe
E:\Program Files\QuickTime\qttask.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe
E:\Program Files\Common Files\eAcceleration\eanthology.exe
E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe
E:\Program Files\Trust\250S Series\lwbwheel.exe
E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\WINDOWS\System32\LVCOMSX.EXE
E:\Program Files\Logitech\Video\LogiTray.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
E:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
E:\Program Files\WinZip\WZQKPICK.EXE
E:\Program Files\Logitech\Video\FxSvr2.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\PROGRA~1\ACCELE~1\VELOZD~1\veloz.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing)
F2 - REG:system.ini: UserInit=E:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - E:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Bladi Toolbar - {A7A46FCF-40E3-4EA5-A8DA-7865D52B9571} - E:\Program Files\IEToolbar\bladi_net.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - E:\Program Files\Starware\bin\Starware.dll (file missing)
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - E:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [websx] E:\Program Files\websx\int437937.exe -auto
O4 - HKLM\..\Run: [WebScan] "E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [sginst] E:\PROGRA~1\ACCELE~1\SCRIPT~1\sginst.exe /upd
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LingvoTraining] "E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Tutor.exe" /ND /NW /AS
O4 - HKLM\..\Run: [Lanceur FinePrint v5] "E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [Instant Buzz Daemon] E:\Program Files\Instant Buzz\IBDaemon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [ifwjqn] E:\WINDOWS\ifwjqn.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [HbTools] E:\Program Files\HbTools\Bin\4.6.4.1\HbtOEAddOn.exe
O4 - HKLM\..\Run: [gjkjsbwp] E:\WINDOWS\gjkjsbwp.exe
O4 - HKLM\..\Run: [eanth_system_patcher] "E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe" /Startup
O4 - HKLM\..\Run: [EanthologyApp] "E:\Program Files\Common Files\eAcceleration\eanthology.exe" /b Startup
O4 - HKLM\..\Run: [dguard] E:\PROGRA~1\ACCELE~1\DOWNLO~1\dguard.exe
O4 - HKLM\..\Run: [BO1HelperStartUp] E:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [BI1HelperStartUp] E:\PROGRA~1\BEACHI~1\BI1HEL~1.EXE /partner BI1
O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus
O4 - HKLM\..\Run: [CnxDslTaskBar] "E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe"
O4 - HKLM\..\Run: [TrustInstaller] H:\Setup.EXE
O4 - HKLM\..\Run: [LWBMOUSE] E:\Program Files\Trust\250S Series\lwbwheel.exe
O4 - HKLM\..\Run: [PCShowBuzz] E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
O4 - HKLM\..\Run: [eMailEncryption] E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus /ro
O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMSERVICE_1046.dll,InstantAccess
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Norton GoBack.lnk = E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm795YYRU
O8 - Extra context menu item: &Translate English Word - res://e:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire &[ - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Générateur &G - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O8 - Extra context menu item: Personnaliser le menu - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire &] - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://e:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Translate with Lingvo - res://E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lingvo.exe/3000
O9 - Extra button: Instant Buzz - {066040F0-5018-4E15-8AA0-81D36136D989} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra 'Tools' menuitem: Block This Page - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Générateur &G - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &R - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - E:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: i-Nav Options - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O12 - Plugin for .pdf: E:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1064_XP.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab
O16 - DPF: {086A694F-91FB-4068-B44C-124FB69BF05D} - http://www.searchwww.com/search.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/playersd/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_1002902.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by23fd.bay23.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {62360003-D8A7-418B-9DC6-2B9DE95273A0} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v8/0326/ticker.cab
O16 - DPF: {7565A160-5C60-4866-A120-F4D5B2BA3AAE} (FSLoaderCtrl Class) - http://www.clickedyclick.com/Download_Helper/fsloader_v3.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.myfree-classifieds.com/software/visual/isetup.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://cnet.radarsync.com/RSActiveX.ocx
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1068_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BA14D944-0D8C-4F16-A950-6E53EEBB558F} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1040_EN_XP.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw12fd.law12.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: FWService - eAcceleration Corp. - E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
O23 - Service: GBPoll - Symantec Corporation - E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - E:\Program Files\VeriSign\NAVI\naviagent.exe
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
The Ewido scan report could not be send to you because it has more than 30000. What can I do to get it send? Thank you for your patience.
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:28:46 م, 08/01/2006
+ Report-Checksum: 2F8CEE8D

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Classes\BridgeX.Installer -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\BridgeX.Installer\CLSID -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{021BB032-80A8-4FB6-B3D5-CF27B1553B95} -> Spyware.Slagent : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2AEEAC34-FD74-4142-B891-4B05C0C03C87} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{469C7080-8EC8-43A6-AD97-45848113743C} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D7B59209-0ED9-4986-BD4A-527BE836C6B2} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EFB22865-F3BC-4309-ADFA-C8E078A7F762} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE.EGComSvc -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE.EGComSvc\CLSID -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE.EGComSvc.1 -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE2.EGComSvc2 -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE2.EGComSvc2\CLSID -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\EGCOMSERVICE2.EGComSvc2.1 -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{205FF73A-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{639581D0-8376-4073-B73B-45993FA45156} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{66B0C472-A6B5-4E86-8330-F4875AF90929} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{F8ACA5A0-060A-478A-8368-1407780D2251} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FABBB49A-4D7B-415B-8250-15C3B854E9FF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom\CLSID -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom\CurVer -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{205FF72E-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{21DE6877-97C0-4FC7-9C16-666B996DB4A2} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{4C92F224-C456-4422-BD61-3F960720F484}\2.0\HELPDIR -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{AD9B275B-E42D-4C7F-9FFB-29B5FB81688B} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.IEToolbar -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.IEToolbar\CLSID -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.IEToolbar\CurVer -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.IEToolbar.1 -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.XBTB00000 -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.XBTB00000\CLSID -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.XBTB00000\CurVer -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\XBTB00000.XBTB00000.1 -> Spyware.Richfind : Cleaned with backup
HKLM\SOFTWARE\Classes\YSBactivex.Installer -> Spyware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\Classes\YSBactivex.Installer\CLSID -> Spyware.YourSiteBar : Cleaned with backup
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -> Spyware.WinFavorites : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2AEEAC34-FD74-4142-B891-4B05C0C03C87} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{469C7080-8EC8-43A6-AD97-45848113743C} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D7B59209-0ED9-4986-BD4A-527BE836C6B2} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EFB22865-F3BC-4309-ADFA-C8E078A7F762} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsOutlookTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HbToolsWebTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReports by Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB00000.XBTB00000IEToolbar -> Spyware.Richfind : Cleaned with backup
:mozilla.9:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Estat : Cleaned with backup
:mozilla.10:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.11:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.12:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.13:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
:mozilla.14:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Weborama : Cleaned with backup
:mozilla.15:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Weborama : Cleaned with backup
:mozilla.16:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Weborama : Cleaned with backup
:mozilla.57:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.70:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.231:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.242:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.250:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
:mozilla.251:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.272:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.285:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.297:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
:mozilla.443:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.444:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.445:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.446:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.447:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.448:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.449:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.450:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.451:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.452:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.453:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.454:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.731:E:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\eaa3295q.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup
 
Joined
Sep 7, 2004
Messages
49,014
Edit out of it the cookie entries or enought to post the log

I'll review the HJT log and post again with the fixes
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickhype : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Adorigin : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Estat : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Estat : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Estat : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Euniverseads : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][6].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][5].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][6].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][3].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][4].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][1].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
E:\Documents and Settings\user\Cookies\[email protected][2].txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
E:\Documents and Settings\user\Desktop\dossier Nour\faux virus\Alcoholic.exe -> Not-A-Virus.Joke.CrazyMouse : Cleaned with backup
E:\Documents and Settings\user\Desktop\dossier Nour\faux virus\email.exe -> Not-A-Virus.Joke.Enfin.a : Cleaned with backup
E:\Documents and Settings\user\Desktop\dossier Nour\faux virus\format.exe -> Not-A-Virus.Joke.Apeldorn : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][2].txt -> Spyware.Cookie.Com : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Estat : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Comclick : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][2].txt -> Spyware.Cookie.Spylog : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][2].txt -> Spyware.Cookie.Smartadserver : Cleaned with backup
E:\Documents and Settings\user\Local Settings\Temp\Cookies\[email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
E:\Program Files\Acceleration Software\Anti-Virus\engine_setup.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Acceleration Software\Oodlz\oodlzx.dll -> Dialer.Generic : Cleaned with backup
E:\Program Files\Acceleration Software\Oodlz\setup.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\EanthComponents\eaccel_setup.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\EanthComponents\oodlz_install.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\EanthComponents\search_setup.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\EanthComponents\StopSign_install-r.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\eanthmngr_update.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\eAnthologyApp_Update.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\eAnthology_updater2.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\Installer\eaccel_updater.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\Installer\killasic.exe -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\Common Files\eAcceleration\Installer\stopsinfo.dll -> Spyware.eAcceleration : Cleaned with backup
E:\Program Files\HbTools\bin\4.6.4.1\HbtHostOE.dll -> Spyware.HotBar : Cleaned with backup
E:\Program Files\HbTools\bin\4.6.4.1\HbtOEAddOn.exe -> Adware.Hotbar : Cleaned with backup
E:\Program Files\HbTools\bin\4.6.4.1\HbtWallpaper.dll -> Adware.Hotbar : Cleaned with backup
E:\Program Files\HbTools\bin\4.6.4.1\HbtWeatherOnTray.exe -> Adware.Hotbar : Cleaned with backup
E:\Program Files\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
E:\Program Files\MSN Messenger\riched20.dll -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL -> Spyware.FunWeb : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3RESTUB.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3SCHMON.EXE -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL -> Spyware.Wesbar : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL -> Adware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL -> Adware.IWon : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL -> Adware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE -> Spyware.Wesbar : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL -> Spyware.MyWebSearch : Cleaned with backup
E:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL -> Adware.MyWebSearch : Cleaned with backup
E:\WINDOWS\system32\eglivecam_1027.dll -> Spyware.LiveCam : Cleaned with backup
E:\WINDOWS\system32\eglivecam_1028.dll -> Trojan.P2E.aa : Cleaned with backup
E:\WINDOWS\system32\f3PSSavr.scr -> Spyware.MyWebSearch : Cleaned with backup


::Report End
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
Please note that in order to send the full report I had to divide it in two parts. Hoping that you will be able to analyse it. Many thanks.
 
Joined
Sep 7, 2004
Messages
49,014
If this were my system I’d remove StopSign/Eaccelerator read about it here

http://www.spywarewarrior.com/rogue_anti-spyware.htm#ss_note

There are othe products that are much better!!!!!


Fix these with HJT – mark them, close IE, click fix checked

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing)

O3 - Toolbar: Bladi Toolbar - {A7A46FCF-40E3-4EA5-A8DA-7865D52B9571} - E:\Program Files\IEToolbar\bladi_net.dll (file missing)

O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - E:\Program Files\Starware\bin\Starware.dll (file missing)

O4 - HKLM\..\Run: [websx] E:\Program Files\websx\int437937.exe –auto

O4 - HKLM\..\Run: [Instant Buzz Daemon] E:\Program Files\Instant Buzz\IBDaemon.exe

O4 - HKLM\..\Run: [ifwjqn] E:\WINDOWS\ifwjqn.exe

O4 - HKLM\..\Run: [HbTools] E:\Program Files\HbTools\Bin\4.6.4.1\HbtOEAddOn.exe

O4 - HKLM\..\Run: [gjkjsbwp] E:\WINDOWS\gjkjsbwp.exe

O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMSERVICE_1046.dll,InstantAccess

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe

O4 - Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE

O9 - Extra button: Instant Buzz - {066040F0-5018-4E15-8AA0-81D36136D989} - E:\WINDOWS\System32\shdocvw.dll

O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1064_XP.cab

O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1071_XP.cab

O16 - DPF: {086A694F-91FB-4068-B44C-124FB69BF05D} - http://www.searchwww.com/search.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_1002902.cab

O16 - DPF: {BA14D944-0D8C-4F16-A950-6E53EEBB558F} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1040_EN_XP.cab

DownLoad http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

E:\Program Files\MyWebSearch
E:\Program Files\IEToolbar
E:\Program Files\Starware
E:\Program Files\websx
E:\Program Files\Instant Buzz
E:\WINDOWS\ifwjqn.exe
E:\Program Files\HbTools
E:\WINDOWS\gjkjsbwp.exe
E:\WINDOWS\System32\EGCOMSERVICE_1046.dll

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

START – RUN – type in %temp% OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
 
Joined
Sep 7, 2004
Messages
49,014
As you can see by the Ewido log eAcceleration is junk

Dump it and get for your AV

Get the free AVG 7 install it, check for updates and run a full scan

AVG 7 - http://free.grisoft.com/freeweb.php/doc/2/
============
Fire Wall - Free Zone Alarm
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=nav_za
----------------------
Get all of these and/or verify you have the current versions

SpywareBlaster 3.5 http://majorgeeks.com/download2859.html
SpyBot V1.4 http://www.majorgeeks.com/download2471.html
AdAware SE 1.06 http://www.majorgeeks.com/download506.html
MS AntiSpy - http://www.microsoft.com/downloads/...a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en (XP and W2K only)

DownLoad them (they are free), install them, check each for their
definition updates
and then run AdAware, MS AntiSpy (W2k/XP) and Spybot, fixing anything
they say.

In SpywareBlaster - Always enable all protection after updates
In SpyBot - After an update run immunize
 

abdounouri

Thread Starter
Joined
Jan 8, 2006
Messages
9
There is one error message left. Here is the log. Thank you very much for your time and help.
Logfile of HijackThis v1.99.1
Scan saved at 01:57:53, on 09/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
E:\WINDOWS\System32\tcpsvcs.exe
E:\WINDOWS\System32\snmp.exe
E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\System32\devldr32.exe
E:\Program Files\QuickTime\qttask.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe
E:\Program Files\Common Files\eAcceleration\eanthology.exe
E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe
E:\Program Files\Trust\250S Series\lwbwheel.exe
E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\WINDOWS\System32\LVCOMSX.EXE
E:\PROGRA~1\ACCELE~1\VELOZD~1\veloz.exe
E:\Program Files\Logitech\Video\LogiTray.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
E:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
E:\Program Files\WinZip\WZQKPICK.EXE
E:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
F2 - REG:system.ini: UserInit=E:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - E:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - E:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WebScan] "E:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [sginst] E:\PROGRA~1\ACCELE~1\SCRIPT~1\sginst.exe /upd
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LingvoTraining] "E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Tutor.exe" /ND /NW /AS
O4 - HKLM\..\Run: [Lanceur FinePrint v5] "E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [IMJPMIG8.1] E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [eanth_system_patcher] "E:\Program Files\Acceleration Software\SystemPatcher\sys_alert.exe" /Startup
O4 - HKLM\..\Run: [EanthologyApp] "E:\Program Files\Common Files\eAcceleration\eanthology.exe" /b Startup
O4 - HKLM\..\Run: [dguard] E:\PROGRA~1\ACCELE~1\DOWNLO~1\dguard.exe
O4 - HKLM\..\Run: [BO1HelperStartUp] E:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [BI1HelperStartUp] E:\PROGRA~1\BEACHI~1\BI1HEL~1.EXE /partner BI1
O4 - HKLM\..\Run: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus
O4 - HKLM\..\Run: [CnxDslTaskBar] "E:\Program Files\ZyXEL\OMNI ADSL USB\CnxDslTb.exe"
O4 - HKLM\..\Run: [TrustInstaller] H:\Setup.EXE
O4 - HKLM\..\Run: [LWBMOUSE] E:\Program Files\Trust\250S Series\lwbwheel.exe
O4 - HKLM\..\Run: [PCShowBuzz] E:\Program Files\inKline Global\PCShowBuzz\PCShowBuzz.exe
O4 - HKLM\..\Run: [eMailEncryption] E:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\RunOnce: [StopSignSsTsMon] Rundll32.exe "E:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus /ro
O4 - HKLM\..\RunOnce: [StopSignSsFwMon] Rundll32.exe "E:\Program Files\Acceleration Software\StopSignProducts\Firewall\ssfwmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "E:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = E:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Norton GoBack.lnk = E:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm795YYRU
O8 - Extra context menu item: &Translate English Word - res://e:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire &[ - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Générateur &G - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O8 - Extra context menu item: Personnaliser le menu - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire &] - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://e:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Translate with Lingvo - res://E:\Program Files\ABBYY Lingvo 10 Multilingual Dictionary\Lingvo.exe/3000
O9 - Extra button: (no name) - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra 'Tools' menuitem: Block This Page - {2F099F5D-7003-4441-82C2-707C7C273FEB} - E:\PROGRA~1\ACCELE~1\StopSign\webcbrowse.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Générateur - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Générateur &G - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm &R - {724d43aa-0d85-11d4-9908-00400523e39a} - file://E:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - E:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROProj.dll
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: i-Nav Options - {CE000996-A58C-4441-8938-744CD72AB27F} - E:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O10 - Unknown file in Winsock LSP: e:\progra~1\accele~1\velozd~1\asiclayer.dll
O12 - Plugin for .pdf: E:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://mm.tf1.fr/playersd/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1070_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by23fd.bay23.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {62360003-D8A7-418B-9DC6-2B9DE95273A0} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v8/0326/ticker.cab
O16 - DPF: {7565A160-5C60-4866-A120-F4D5B2BA3AAE} (FSLoaderCtrl Class) - http://www.clickedyclick.com/Download_Helper/fsloader_v3.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.myfree-classifieds.com/software/visual/isetup.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://cnet.radarsync.com/RSActiveX.ocx
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1068_XP.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw12fd.law12.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC48D9C0-FD30-427F-A32D-485F77663154}: NameServer = 212.188.4.10 195.34.32.116
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: FWService - eAcceleration Corp. - E:\Program Files\Acceleration Software\StopSignProducts\Firewall\fwservice.exe
O23 - Service: GBPoll - Symantec Corporation - E:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - E:\Program Files\VeriSign\NAVI\naviagent.exe
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top