1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help please

Discussion in 'Virus & Other Malware Removal' started by J.S., Aug 8, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    Hello,

    I seem to have the same problem on my laptop. Could you help me out fixing this, please?

    I followed the steps you described in this topic. I did a scan with Ewido Anti-spyware in the Safe Mode. Now I'm scanning with Panda ActiveScan. If I post these two reports afterwords, can you help me further please?
    Thx!

    Kind Regards.
    Jan.
     
  2. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    Hi J.S. and welcome to TSG,

    I would like to see your HijackThis log before you do any scans please.


    I've split your post off into a thread of your own.
     
  3. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    Thx for willing to help me! I'm sorry for the mistakes I might make in my English writing... :(

    Here the HijackThis log...



    Logfile of HijackThis v1.99.1
    Scan saved at 18:36:05, on 8/08/2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\Ati2evxx.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\WINNT\system32\hidserv.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\ON Technology\ON Command Remote Host\ph32svc.exe
    C:\WINNT\system32\Ati2evxx.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\ON Technology\ON Command Remote Host\phtray.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
    C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [ProxyHostTrayIcon] "C:\Program Files\ON Technology\ON Command Remote Host\phtray.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
    O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127823572185
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136555075218
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = info.az.vub.ac.be
    O17 - HKLM\System\CCS\Services\Tcpip\..\{05C92247-F1A7-4799-BE9E-DAE344E6A411}: NameServer = 134.184.250.7,134.184.15.13
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = info.az.vub.ac.be
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = info.az.vub.ac.be,az.vub.ac.be
    O17 - HKLM\System\CS1\Services\Tcpip\..\{05C92247-F1A7-4799-BE9E-DAE344E6A411}: NameServer = 134.184.250.7,134.184.15.13
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = info.az.vub.ac.be
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = info.az.vub.ac.be,az.vub.ac.be
    O17 - HKLM\System\CS2\Services\Tcpip\..\{05C92247-F1A7-4799-BE9E-DAE344E6A411}: NameServer = 134.184.250.7,134.184.15.13
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = info.az.vub.ac.be,az.vub.ac.be
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
    O23 - Service: ON Command Remote Host Service (ProxyHostService) - Funk Software, Inc. - C:\Program Files\ON Technology\ON Command Remote Host\ph32svc.exe
     
  4. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    Please post the results of your Ewido scan and go ahead and do the Panda Active Scan and post those results as well.

    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
     
  5. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 13:42:20 8/08/2006

    + Scan result:



    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\CP4DQRS1\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OP6N8XMR\send_ocx_sof[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Addynamix : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Adtech : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][3].txt -> TrackingCookie.Belstat : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Bluestreak : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Clickhype : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Com : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected]trics[1].txt -> TrackingCookie.Coremetrics : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Estat : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Etracker : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Ivwbox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : No action taken.
    C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Oewabox : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Questionmarket : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Realtracker : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Revenue : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Statcounter : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Tracking101 : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Tradedoubler : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Valuead : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Valueclick : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Web-stat : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Weborama : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : No action taken.
    C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Zedo : No action taken.


    ::Report end
     
  6. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    This Ewido scan was done 6 hours ago. Is that a problem?

    I'm now running the Panda scan...
     
  7. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    Panda Scan report...



    Incident Status Location

    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Adverserve Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Beweb Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][3].txt
    Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][4].txt
    Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][5].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
    Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
    Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][2].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
    Spyware:Cookie/MetriWeb Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Cookies\[email protected][1].txt
     
  8. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    Sorry about the delay but I was never notified of your reply.

    Do you have a remote control software program by Funk Software?


    Rescan with HijackThis, close all browser windows except HijackThis, put a check mark beside these entries and click fix checked.


    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm




    Clear out all of your cookies in IE:

    Open the Tools menu.
    Select Internet Options to open the Dialog box.
    Click the Delete Cookies button.


    Then reset cookies as follows:

    In IE click on Tools - Internet Options - privacy tab and select "advanced". Set both First Party and Third Party cookies to "prompt" and check "always allow session cookies".

    Basically, you should refuse all cookies except those from sites you trust or need to log in to. In those cases, you can add the sites to the Trusted Zone or simply choose to "always accept" them.

    You can refuse a cookie each time it asks (if you're not sure and don't want to block it all the time) or you can select the option to "apply my decision to all cookies from this website" and then select "block or allow". If you block a cookie and later find it's needed, you can go back into Internet Options, under the privacy tab and click on "Sites" and remove it from the list of blocked cookies there.
     
  9. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    This doesn't ring a bell, so I don't think so... :(
     
  10. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    That entry seems legit so we'll leave it alone.

    How are things running now?
     
  11. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    I've never encountered any problems. The only thing was that McAfee warned for this virus-thing, but couldn't remove it... I did everything what you adviced, so it should be ok now?

    This virus, is it a cookie?
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    What virus did McAfee warn about and where was it located?
     
  13. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,048
    I remember splitting your post off but couldn't remember what the other poster's problem was.

    Is McAfee still detecting the file?
     
  15. J.S.

    J.S. Thread Starter

    Joined:
    Aug 8, 2006
    Messages:
    11
    Since 2 days ago, I didn't get a warning anymore. I'm now performing an On-Demand Scan...
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/490462

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice