I think i have a worm/virus on my comp PLEASE HELP

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
Here is my Hijackthis log file:


Logfile of HijackThis v1.99.1
Scan saved at 4:19:56 PM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\wanmpsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1151551403\ee\AOLSoftware.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe" /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151551403\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7E99C8D-E6A3-4827-B0CA-7E323AFA837E}: NameServer = 205.188.146.145
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
 
Joined
Sep 7, 2004
Messages
49,014
Add remove programs - remove RX Toolbar if present

Download Superantispyware

http://www.superantispyware.com/superantispywarefreevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me with a new HijackThis log.
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
SUPERAntiSpyware Scan Log
Generated 01/28/2007 at 06:49 PM

Application Version : 3.5.1016

Core Rules Database Version : 3174
Trace Rules Database Version: 1184

Scan type : Complete Scan
Total Scan Time : 00:27:41

Memory items scanned : 448
Memory threats detected : 0
Registry items scanned : 4267
Registry threats detected : 27
File items scanned : 28900
File threats detected : 311

Browser Hijacker.Internet Explorer Zone Hijack
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com#*
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com#*
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearch.com#*
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com
HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmeup.com#*

Adware.Tracking Cookie
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][4].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][3].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected]_6l6d[1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][2].txt

Adware.MyWay
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32

Unclassified.Unknown Origin
HKCR\CLSID\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}
HKCR\CLSID\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}\InprocServer32
HKCR\CLSID\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}\Programmable
HKCR\CLSID\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}\TypeLib
HKCR\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
HKCR\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}\InprocServer32
HKCR\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}\Programmable
HKCR\CLSID\{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}\TypeLib
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\InprocServer32#ThreadingModel
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\KeyPhrasesFileName
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\ProgID
HKCR\CLSID\{2AB289AE-4B90-4281-B2AE-1F4BB034B647}\VersionIndependentProgID

Trojan.PestTrap
HKU\S-1-5-21-2553679162-2952614001-785314837-1008\Software\SNO2

Browser Hijacker.Favorites
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Finance.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Games.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Web Hosting.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Adult Gay Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Adult Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Bondage Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Chinese Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Christian Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Dating & Marriage.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Dating Gay Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Fillipina Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Find Sex Partner.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\French Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\German Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Indian Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Italian Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Jewish Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Senior Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Sex Personals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Dating\Spanish & Portuguese.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Carisoprodol.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Celebrex.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Cialis.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Crestor.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Levitra.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Lipitor.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Neurontin.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Online Pharmacy.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Paxil.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Phentermine.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Tramadol.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Water Phentermine.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Xanax.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Zocor.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy\Zoloft.url
C:\Documents and Settings\Compaq_Owner\Favorites\Pharmacy
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Amateur.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Anal.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Asian.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Bizarre.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Black.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\*******.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Bondage.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Busty.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Cartoons.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Casting.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Classic.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Cream Pie.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Czech Girls.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Fat.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Fetish.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Fisting.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Foot & Nylon.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Gangbang.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Gay.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Gonzo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Hardcore.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Incest.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Interracial.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Lesbian.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Masturbation.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Mature.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Medic.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Pissing.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Pregnant.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Pussies.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Russian Girls.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Teens.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Transsexuals.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD\Vomit.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Adult DVD Shop.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Free XXX DVD.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\ICO DVD.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\ICO NET.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Amateur.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Babes.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\BDSM.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Big Tits.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Blondes.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Brunettes.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Cumshot.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Fat.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Fetish.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Gay.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Groupsex.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Hardcore.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Interracial.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Latina.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Lesbian.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Masturbation.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Muffdive.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Outdoor.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Panties.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Pregnant.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Shemales.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Teens.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Toys.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Transsexual.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche\Uniform.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Movies by Niche
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Terabyte of Porn.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Angel Baby.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Babysitter.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Bed of Roses.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Candys Girls.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Cheerleader Diaries.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Discipline.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Double Her Pleasure.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Extreme Penetrations.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\FULL MOVIES LIST.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Girls School.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Jessie james's booty bandit.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Kelly the Coed.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\MILTF Mothers I Like to ****.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Naughty Nannies.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Over Eighteen.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Planet X.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Rollerball.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Teacher's Pet.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\The Awakening of Keegan.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\True College Girls.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies\Whore of the Rings.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\Top20 Adult Movies
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18\XXX Reactor.url
C:\Documents and Settings\Compaq_Owner\Favorites\Adult + 18
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Ace On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Best Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Best Gamble Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Carnival.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Casino Bonuses.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Casino Reviews.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Club DICE Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Club DICE.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Diamond Club.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Dliamond Club Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Jackpot On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Joyland.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Monaco Gold Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\New York Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Party Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Playgate Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Playgate.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Prestige Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Prestige Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Prestige.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Ruby Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\The American Dream Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Top On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\Usa Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling\You Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Favorites\Casino - Gambling
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Ace On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Best Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Best Gamble Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Carnival.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Casino Bonuses.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Casino Reviews.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Club DICE Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Club DICE.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Diamond Club.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Dliamond Club Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Jackpot On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Joyland.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Monaco Gold Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\New York Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Party Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Playgate Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Playgate.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Prestige Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Prestige Poker.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Prestige.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Ruby Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\The American Dream Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Top On-line Casinos.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\Usa Casino.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling\You Bingo.url
C:\Documents and Settings\Compaq_Owner\Favorites\Games\Casino - Gambling
C:\!KILLBOX\SHOP\BATTERY.URL
C:\!KILLBOX\SHOP\BED.URL
C:\!KILLBOX\SHOP\CARS.URL
C:\!KILLBOX\SHOP\CDS.URL
C:\!KILLBOX\SHOP\CIGARETTES.URL
C:\!KILLBOX\SHOP\CIGARS.URL
C:\!KILLBOX\SHOP\CONTACT LENS.URL
C:\!KILLBOX\SHOP\DIAMONDS.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\BOSS GIFT.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\CANDLES.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\FLOWERS.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\GIFT CLOCK.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\GIFT SHOPPING.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\GOLF.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\PERFUME.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\SPORTSWEAR.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\WHOLESALE.URL
C:\!KILLBOX\SHOP\GIFT SHOPPING\WINE.URL
C:\!KILLBOX\SHOP\GIFTS.URL
C:\!KILLBOX\SHOP\JEWELRY.URL
C:\!KILLBOX\SHOP\KNIFE.URL
C:\!KILLBOX\SHOP\LABEL.URL
C:\!KILLBOX\SHOP\NOTEBOOKS.URL
C:\!KILLBOX\SHOP\OFFICE SUPPLIES.URL
C:\!KILLBOX\SHOP\PROMOTIONAL PRODUCTS.URL
C:\!KILLBOX\SHOP\SHADES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\ANTI SPAM.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\ASIAN SINGLES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\BLACKJACK.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\BRITNEY SPEARS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\CARD GAMES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\CHAT.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\CREDIT CARDS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\DEBT.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\FREE CASINO MONEY.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\HOTELS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\JOB OPPORTUNITY.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\JOBS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\LAPTOP NOTEBOOK.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\LOANS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\FLASH GAMES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\JAVA GAMES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\MOBILE PORTAL.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\MOBILE WORLD.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\MUSIC.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\PC GAMES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\PICTURES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\POLYPHONIC.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\SCREENSAVERS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\SEX CONTENT.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\VIDEOS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MOBILE\WALLPAPERS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MONEY.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\50 CENT.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\BENNY BENASSI.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\BLACK EYED PEAS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\DOWNLOAD MUSIC.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\EMINEM.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\FIND MP3.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\FREE MUSIC.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\GREEN DAY.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\MADONNA.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\MP3.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\RINGTONES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\MUSIC\SLIPKNOT.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\ONLINE DATING.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\REMOVE POPUPS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\FAVORITES\TRAVEL.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\BOONTY GAMES.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\COWABANGA.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\FLASH GAMES FOR MOBILE.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\JAVA GAMES FOR MOBILE.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\KOBE BALLS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\SNOWBALL WARS.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\SUDOKU.URL
C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\FAVORITES\GAMES\SUPER BOXING.URL

Adware.RX Toolbar
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP113\A0006423.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP113\A0006424.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP95\A0005228.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP95\A0005229.DLL

Adware.Need2Find
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP114\A0006450.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP114\A0006451.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP114\A0006453.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP114\A0006454.DLL

Trojan.SpySheriff
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP117\A0007557.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP117\A0007558.EXE

Trojan.Downloader-NtOsKernel
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP122\A0007811.DLL

Unclassified.Unknown Origin/System
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP122\A0007812.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A3FE4697-A95B-4476-A0D8-DD1DBA8414B7}\RP122\A0007813.EXE

Adware.Unknown Origin
C:\WINDOWS\GLOBO.BMP

Adware.TrustInCash
C:\WINDOWS\SYSTEM32\GLOBO.XML
C:\WINDOWS\SYSTEM32\TCONINI.DAT
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
Logfile of HijackThis v1.99.1
Scan saved at 7:07:36 PM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\wanmpsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1151551403\ee\aolsoftware.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe" /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151551403\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7E99C8D-E6A3-4827-B0CA-7E323AFA837E}: NameServer = 205.188.146.145
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
 
Joined
Sep 7, 2004
Messages
49,014
Please click here http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html to download the latest version of JAVA Install the application, then go to the Add/Remove Programs options in the Control Panel and Remove ALL previous versions of JAVA.

=====================
Fix these with HiJackThis – mark them, close IE, click fix checked

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)

O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

START – RUN – type in %temp% - OK - Edit – Select all – File – Delete

Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp

Not all temp files will delete and that is normal
Empty the recycle bin
Boot and post a new hijack log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
Logfile of HijackThis v1.99.1
Scan saved at 12:15:15 PM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\wanmpsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1151551403\ee\aolsoftware.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\cfgwiz.exe" /GUID NIS /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151551403\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7E99C8D-E6A3-4827-B0CA-7E323AFA837E}: NameServer = 205.188.146.145
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
 
Joined
Sep 7, 2004
Messages
49,014

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
did everything u said, everything seems to be running better im am doing another superantispyware scan right now to make sure it found and got everything.thank you so much for helping me fix this problem i will try everything i can to make sure my comp stays clean from now on and in the future
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
i am still having problems with my display properties,all of them work fine except the background tab when i go to it, i cant change it, it will only allow me to change the color of the background but not the actual background images its like its locked. And the background I did have on it shows up now only when i restart my comp and turn it off/on then the background goes blank to black
 
Joined
Sep 7, 2004
Messages
49,014
Go to Control Panel > Display.
Click on the "Desktop" tab then click the "Customize Desktop" button.
Click on the "Web" tab.
Under "Web Pages" you should see an entry checked called something like "Security" or similar.
Select that entry and click the "Delete" button. Click OK then Apply and OK.
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
didnt work on the backgrounds there wasnt anything under the web tab to delete i also right clicked set picture as background with the picture i had on it if that helps any
 

XxSnoe931xX

Thread Starter
Joined
Dec 27, 2005
Messages
101
hmmm this is odd a minute ago i pulled my start bar down to see something and i seen my background image but its like theres a black layer background keeping it covered blocking it from showing
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top