Lots of problems and viruses attacking in less than an hour

Discussion in 'Virus & Other Malware Removal' started by TheArmegeddon, Jul 9, 2007.

  1. TheArmegeddon

    TheArmegeddon Thread Starter

    Joined:
    Jul 9, 2007
    Messages:
    132
    O.K. So here's how it started: I was looking for some "Video and Photo Material" when I ran across a site that redirected me to an "Antivirus Download Site", but when I saw the words Contra Virus as the page was brought up I immediately closed it and searched for information on the virus and how to get rid of it, and that's when my computer became an open target. I downloaded SpywareBot and just a minute ago Security Task Manager, but before that I started getting more of what I believe are fake alerts. So now after a good 30 minutes to an hour I've gotten over 30 alerts which I've refused, 1 which I am keeping on hold, and my desktop's background has turned into a red background with a red biohazard symbol and the words "Your Privacy is in danger, please download privacy protection software". I'd love to give more detail but the infections are slowing my computer to a stop and due to that I've spent 20 minutes typing this. The only more information I can give is that SpywareBot says I have about 11465 infections on my computer, which goes to show Norton is slacking off. Anyway, I need URGENT HELP or just advice on what I should do.
     
  2. TheArmegeddon

    TheArmegeddon Thread Starter

    Alright, so here's what I have found I have on my computer.

    "Privacy in Danger, Download privacy security program" background that leads to a website that tries to install udefender, which is what I believe is a virus.

    "Windows Security Alert" pop-up which redirects me to a website in Internet Explorer, which leads me to automatically assume it's a virus because my default browser is Firefox.

    "Spyware alert" pop-up which does the exact same as the pop-up above.

    Through Security Task Manager I have quarantined Mgrs.exe, BhoNew Module (don't know what it is exactly), and Google Web Accelerator (quarantined just because it was still on my computer after removing it).

    I'm still waiting for my SuperAntiSpyware Pro scan to finish, about to run a Hijack This scan.

    Edit: don't know if this affects anything but my time went from 3:58 P.M. to 15:58 without me changing it.
     
  3. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Click here to download HJTInstall.exe
    • Save HJTInstall.exe to your desktop.
    • Double-click on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis.
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  4. TheArmegeddon

    TheArmegeddon Thread Starter

    Thank you, here is the log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:05, on 2007-07-09
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\ehome\RMSvc.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\McrdSvc.exe
    C:\Program Files\Windows Media Player\WMPNetwk.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\1135329934\ee\AOLSoftware.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\MEDIC\bin\sprtcmd.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\ehome\RMSysTry.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\1135329934\ee\AOLSoftware.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\MEDIC\bin\sprtcmd.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
    C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\SpywareBot\SpywareBot.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Security Task Manager\taskman.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Common Files\Symantec Shared\NMain.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135329934\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MEDIC] "C:\Program Files\MEDIC\bin\sprtcmd.exe" /P MEDIC
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
    O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe -a (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [I&F Viewer toolbar] "C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe" -start (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [QuickCamPro.exe] (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'HP_Administrator')
    O4 - HKUS\S-1-5-21-3787300670-4182442122-2149885210-1008\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'HP_Administrator')
    O4 - S-1-5-21-3787300670-4182442122-2149885210-1008 Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'HP_Administrator')
    O4 - S-1-5-21-3787300670-4182442122-2149885210-1008 User Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'HP_Administrator')
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
    O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon/download/tgctlar.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor2/sis/mjolauncher.cab
    O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://a248.e.akamai.net/f/248/5462...img/operations/symbizpr/xcontrol/SymDlBrg.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} (Actimage Room Control) - http://hutchence.armstrong.com/ib/databases/actimage40803.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab55579.cab
    O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://merillat.view22.com/view22/roomapp/View22RTE.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: msqnx - {3697FB8D-8EE0-484E-A828-ABA5C14CDDB7} - C:\WINDOWS\msqnx.dll
    O21 - SSODL: msddx - {868F0864-79F3-4F6B-B4D2-D44B170868FE} - C:\WINDOWS\msddx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

    --
    End of file - 21773 bytes
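
Added example, not part of the thread and not code from HijackThis or the helper: a small Python triage pass over HijackThis entry lines of the kind posted above, separating the bulk of routine entries from the few that deserve a closer look. The sample lines are excerpted from the log in this post; the function names and the five heuristics are assumptions chosen for illustration, and a hit means "review this entry", not "malicious".

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code text")
Finding = namedtuple("Finding", "code reason text")

# Entry lines start with a section code (R0-R3, O1-O24) followed by " - ".
ENTRY_RE = re.compile(r"^\s*([RO]\d{1,2})\s+-\s+(.*\S)\s*$")
# An .exe/.dll sitting directly in the Windows directory, not in a subfolder.
WINROOT_RE = re.compile(r"[A-Za-z]:\\WINDOWS\\[^\\/:\s]+\.(?:exe|dll)\b", re.I)

# Lines excerpted from the HijackThis log posted above (routine and odd mixed).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
O21 - SSODL: msqnx - {3697FB8D-8EE0-484E-A828-ABA5C14CDDB7} - C:\WINDOWS\msqnx.dll
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
"""


def parse(log_text):
    """Return the coded entries; the header and process list are skipped."""
    matches = (ENTRY_RE.match(line) for line in log_text.splitlines())
    return [Entry(m.group(1), m.group(2)) for m in matches if m]


def triage(entries):
    """Apply illustrative review heuristics; one Finding per rule that fires."""
    findings = []
    for e in entries:
        reasons = []
        if "(no file)" in e.text:
            reasons.append("registration points at a file that is not on disk")
        # O4 = autostart, O20 = AppInit/Winlogon Notify, O21 = SSODL.
        if e.code in ("O4", "O20", "O21") and WINROOT_RE.search(e.text):
            reasons.append("load point targets a file directly in the Windows directory")
        if e.code == "O10" and "missing" in e.text.lower():
            reasons.append("Winsock LSP chain references a missing provider")
        if e.code == "O23" and "Unknown owner" in e.text:
            reasons.append("HijackThis could not read a company name for the service")
        if e.code == "O24" and "file:///" in e.text.lower():
            reasons.append("Active Desktop component loads a local HTML file")
        findings.extend(Finding(e.code, r, e.text) for r in reasons)
    return findings


if __name__ == "__main__":
    entries = parse(SAMPLE_LOG)
    hits = triage(entries)
    print(f"{len(entries)} entries parsed, {len(hits)} flagged for review")
    for f in hits:
        print(f"[{f.code}] {f.reason}\n      {f.text}")
```

Every flagged line still needs a person to check the file, its signer and its install date before anything is fixed or deleted.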
     
  5. MFDnNC

    MFDnNC

    Download Superantispyware (SAS) free home version

    http://www.superantispyware.com/superantispywarefreevspro.html

    Install it and double-click the icon on your desktop to run it.
    · It will ask if you want to update the program definitions, click Yes.
    · Under Configuration and Preferences, click the Preferences button.
    · Click the Scanning Control tab.
    · Under Scanner Options make sure the following are checked:
    o Close browsers before scanning
    o Scan for tracking cookies
    o Terminate memory threats before quarantining.
    o Please leave the others unchecked.
    o Click the Close button to leave the control center screen.
    · On the main screen, under Scan for Harmful Software click Scan your computer.
    · On the left check C:\Fixed Drive.
    · On the right, under Complete Scan, choose Perform Complete Scan.
    · Click Next to start the scan. Please be patient while it scans your computer.
    · After the scan is complete a summary box will appear. Click OK.
    · Make sure everything in the white box has a check next to it, then click Next.
    · It will quarantine what it found and if it asks if you want to reboot, click Yes.
    · To retrieve the removal information for me please do the following:
    o After reboot, double-click the SUPERAntispyware icon on your desktop.
    o Click Preferences. Click the Statistics/Logs tab.
    o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    o It will open in your default text editor (such as Notepad/Wordpad).
    o Please highlight everything in the notepad, then right-click and choose copy.
    · Click close and close again to exit the program.
    · Please paste that information here for me with a new HijackThis log.

    This will take some time!!!!!!!!
     
  6. TheArmegeddon

    TheArmegeddon Thread Starter

    I have good news along with probably fatal bad news. It seems the viruses and threats have been eliminated but now my computer will not start normally or access the internet. I am typing to you through my video game console's web browser. Is there anything that could've caused this, like deleting the non-threatening files that were detected through super anti spyware? If there's no chance in recovery I'll just learn from my mistakes.
     
  7. MFDnNC

    MFDnNC

    I had you run a standard malware program, it is well known and I doubt it did anything.

    Boot and try to go to last known good config by tapping F8 at the first black screen.
     
  8. TheArmegeddon

    TheArmegeddon Thread Starter

    Alright, it works normally but still can't connect to the internet. Now the background is gone but its icons are still there and one of the pop-ups is still there.
     
  9. MFDnNC

    MFDnNC

    I can't help you if you do not follow the directions and post the logs from the programs and a new hijack log - please read the directions!
     
  10. TheArmegeddon

    TheArmegeddon Thread Starter

    I'm sorry about all of that just happened but my computer just wasn't responding, but now my internet on my PC is back so I can now give you the logs. Worse news is nothing has changed and all viruses seem to be back. There are 2 SAS logs and the hijack this log you asked for:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/09/2007 at 04:18 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3266
    Trace Rules Database Version: 1277

    Scan type : Quick Scan
    Total Scan Time : 00:42:14

    Memory items scanned : 267
    Memory threats detected : 0
    Registry items scanned : 998
    Registry threats detected : 58
    File items scanned : 16888
    File threats detected : 152

    Unclassified.SpywareBot (Not A Threat)
    HKU\S-1-5-21-3787300670-4182442122-2149885210-1014\Software\SpywareBot
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Setup Version
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: App Path
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallLocation
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Icon Group
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: User
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Selected Tasks
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Deselected Tasks
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayIcon
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#QuietUninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayVersion
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Publisher
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#URLInfoAbout
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#HelpLink
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoModify
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoRepair
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallDate
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run#spywarebot [ C:\Program Files\SpywareBot\SpywareBot.exe -boot ]
    C:\Program Files\SpywareBot\Launcher.exe
    C:\Program Files\SpywareBot\SpywareBot.exe
    C:\Program Files\SpywareBot\SpywareBot.url
    C:\Program Files\SpywareBot\unins000.dat
    C:\Program Files\SpywareBot\unins000.exe
    C:\Program Files\SpywareBot
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot
    C:\Documents and Settings\The Armageddon\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareBot.lnk
    C:\DOCUMENTS AND SETTINGS\THE ARMAGEDDON\DESKTOP\SETUP.EXE

    Trojan.VideoCach/Gen
    HKCR\NewMediaCodec.VideoSupport
    HKCR\NewMediaCodec.VideoSupport\CLSID
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Control
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\InprocServer32
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\InprocServer32#ThreadingModel
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\MiscStatus
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\MiscStatus\1
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\ProgID
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\ToolboxBitmap32
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\TypeLib
    HKCR\CLSID\{150EA8E7-A97C-4816-AD02-4865EEF8C5FF}\Version
    HKCR\CLSID\{BABA5BDB-4EFF-48DB-B443-679651D37128}
    HKCR\CLSID\{BABA5BDB-4EFF-48DB-B443-679651D37128}\InprocServer32
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\0
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\0\win32
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\FLAGS
    HKCR\TypeLib\{CDC0999C-999C-4EE1-875B-5C3542641768}\1.0\HELPDIR
    HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}
    HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\ProxyStubClsid
    HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\ProxyStubClsid32
    HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\TypeLib
    HKCR\Interface\{B6A3935F-8FE4-49A4-B987-A1C09E53589F}\TypeLib#Version
    HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}
    HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\ProxyStubClsid
    HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\ProxyStubClsid32
    HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\TypeLib
    HKCR\Interface\{EF94A58F-599B-4602-9C34-99683C5859B1}\TypeLib#Version
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec#DisplayIcon
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewMediaCodec#uninstallString
    C:\Program Files\NewMediaCodec\install.ico
    C:\Program Files\NewMediaCodec\NewMediaCodec.ocx
    C:\Program Files\NewMediaCodec\Uninstall.exe
    C:\Program Files\NewMediaCodec

    Desktop Hijacker.AboutYourPrivacy
    C:\WINDOWS\privacy_danger\images\capt.gif
    C:\WINDOWS\privacy_danger\images\danger.jpg
    C:\WINDOWS\privacy_danger\images\down.gif
    C:\WINDOWS\privacy_danger\images\spacer.gif
    C:\WINDOWS\privacy_danger\images
    C:\WINDOWS\privacy_danger\index.htm
    C:\WINDOWS\privacy_danger
    C:\Documents and Settings\The Armageddon\Desktop\Error Cleaner.url
    C:\Documents and Settings\The Armageddon\Desktop\Privacy Protector.url
    C:\Documents and Settings\The Armageddon\Desktop\Spyware&Malware Protection.url
    C:\Documents and Settings\The Armageddon\Favorites\Error Cleaner.url
    C:\Documents and Settings\The Armageddon\Favorites\Privacy Protector.url
    C:\Documents and Settings\The Armageddon\Favorites\Spyware&Malware Protection.url

    Trojan.Downloader-Gen/A
    C:\ARENA\A.EXE

    Adware.Tracking Cookie

    Trojan.Media-Codec/NewMedia
    C:\DOCUMENTS AND SETTINGS\THE ARMAGEDDON\DESKTOP\NEWMEDIACODECINSTALLER.EXE

    Trojan.Downloader-Gen/AVP
    C:\WINDOWS\AVP.EXE

    Desktop Hijacker.AboutYourPrivacy-Installer
    C:\WINDOWS\MAIN_UNINSTALLER.EXE

    Trojan.Downloader-MGRS
    C:\WINDOWS\MGRS.EXE
     
  11. TheArmegeddon

    LOG 2:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/09/2007 at 08:23 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3266
    Trace Rules Database Version: 1277

    Scan type : Complete Scan
    Total Scan Time : 03:56:11

    Memory items scanned : 346
    Memory threats detected : 0
    Registry items scanned : 12813
    Registry threats detected : 24
    File items scanned : 39162
    File threats detected : 156

    Unclassified.SpywareBot (Not A Threat)
    [SpywareBot] C:\PROGRAM FILES\SPYWAREBOT\SPYWAREBOT.EXE
    C:\PROGRAM FILES\SPYWAREBOT\SPYWAREBOT.EXE
    [SpywareBot] C:\PROGRAM FILES\SPYWAREBOT\SPYWAREBOT.EXE
    HKU\S-1-5-21-3787300670-4182442122-2149885210-1014\Software\SpywareBot
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Setup Version
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: App Path
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallLocation
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Icon Group
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: User
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Selected Tasks
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Inno Setup: Deselected Tasks
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayIcon
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#QuietUninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#DisplayVersion
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#Publisher
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#URLInfoAbout
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#HelpLink
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoModify
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#NoRepair
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBot_is1#InstallDate
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run#spywarebot [ C:\Program Files\SpywareBot\SpywareBot.exe -boot ]
    C:\Program Files\SpywareBot\Launcher.exe
    C:\Program Files\SpywareBot\SpywareBot.url
    C:\Program Files\SpywareBot\unins000.dat
    C:\Program Files\SpywareBot\unins000.exe
    C:\Program Files\SpywareBot
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\Uninstall SpywareBot.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot
    C:\Documents and Settings\The Armageddon\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareBot.lnk
    C:\DOCUMENTS AND SETTINGS\THE ARMAGEDDON\DESKTOP\SETUP.EXE

    Trojan.Downloader-Gen/AVP
    [avp] C:\WINDOWS\AVP.EXE
    C:\WINDOWS\AVP.EXE

    Adware.Tracking Cookie

    Trojan.VideoCach/Gen
    C:\Program Files\NewMediaCodec\install.ico
    C:\Program Files\NewMediaCodec\NewMediaCodec.ocx
    C:\Program Files\NewMediaCodec\Uninstall.exe
    C:\Program Files\NewMediaCodec

    Desktop Hijacker.AboutYourPrivacy
    C:\WINDOWS\privacy_danger\images\capt.gif
    C:\WINDOWS\privacy_danger\images\danger.jpg
    C:\WINDOWS\privacy_danger\images\down.gif
    C:\WINDOWS\privacy_danger\images\spacer.gif
    C:\WINDOWS\privacy_danger\images
    C:\WINDOWS\privacy_danger\index.htm
    C:\WINDOWS\privacy_danger
    C:\Documents and Settings\The Armageddon\Desktop\Error Cleaner.url
    C:\Documents and Settings\The Armageddon\Desktop\Privacy Protector.url
    C:\Documents and Settings\The Armageddon\Desktop\Spyware&Malware Protection.url
    C:\Documents and Settings\The Armageddon\Favorites\Error Cleaner.url
    C:\Documents and Settings\The Armageddon\Favorites\Privacy Protector.url
    C:\Documents and Settings\The Armageddon\Favorites\Spyware&Malware Protection.url

    Trojan.Downloader-Gen/A
    C:\ARENA\A.EXE

    Trojan.Media-Codec/NewMedia
    C:\DOCUMENTS AND SETTINGS\THE ARMAGEDDON\DESKTOP\NEWMEDIACODECINSTALLER.EXE
     
  12. TheArmegeddon

    HIJACK THIS LOG:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:43, on 2007-07-09
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\1135329934\ee\AOLSoftware.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\MEDIC\bin\sprtcmd.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\ehome\RMSvc.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\ehome\RMSysTry.exe
    C:\WINDOWS\system32\ScsiAccess.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\DOCUME~1\THEARM~1\LOCALS~1\Temp\SSUPDATE.EXE
    C:\DOCUME~1\THEARM~1\LOCALS~1\Temp\SSUPDATE.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135329934\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MEDIC] "C:\Program Files\MEDIC\bin\sprtcmd.exe" /P MEDIC
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
    O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon/download/tgctlar.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor2/sis/mjolauncher.cab
    O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://a248.e.akamai.net/f/248/5462...img/operations/symbizpr/xcontrol/SymDlBrg.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} (Actimage Room Control) - http://hutchence.armstrong.com/ib/databases/actimage40803.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab55579.cab
    O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://merillat.view22.com/view22/roomapp/View22RTE.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: msqnx - {3697FB8D-8EE0-484E-A828-ABA5C14CDDB7} - C:\WINDOWS\msqnx.dll
    O21 - SSODL: msddx - {868F0864-79F3-4F6B-B4D2-D44B170868FE} - C:\WINDOWS\msddx.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

    --
    End of file - 17058 bytes
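A review-triage pass over a log in this format, as an added example that is not part of the original thread or any poster's code: it parses the HijackThis section codes and flags lines that match a few generic heuristics (registrations pointing at missing files, a broken Winsock LSP chain, SSODL DLLs sitting directly in the Windows folder, Active Desktop components loading a local file, processes running from Temp). The rule set and the names `RULES` and `triage` are assumptions made for illustration; a hit means "look closer", not "malicious".

```python
import re

# Sample input: a few lines excerpted from the log posted above.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\THEARM~1\LOCALS~1\Temp\SSUPDATE.EXE
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_98.dll' missing
O21 - SSODL: msqnx - {3697FB8D-8EE0-484E-A828-ABA5C14CDDB7} - C:\WINDOWS\msqnx.dll
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
"""

# "R0 - ..." / "O23 - ..." style entries; the prefix is the HijackThis section code.
ENTRY = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
# Running-process lines are bare paths starting with a drive letter.
PROCESS = re.compile(r"^[A-Za-z]:\\")

# (section or None for any section, pattern, reason). Hypothetical review rules.
RULES = [
    ("O10", r"missing|broken", "Winsock LSP chain references a missing provider"),
    ("O21", r"- C:\\WINDOWS\\[^\\]+\.dll$", "SSODL DLL loaded from the Windows root"),
    ("O24", r"file:///", "Active Desktop component rendering a local file"),
    ("PROC", r"\\Temp\\", "process running out of a Temp directory"),
    (None, r"\(no file\)|\(file missing\)", "registration points at a missing file"),
]

def triage(log_text):
    """Return (section, reason, line) for each log line that matches a rule."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY.match(line)
        if entry:
            section = entry.group(1)
        elif PROCESS.match(line):
            section = "PROC"
        else:
            continue  # headers, blank lines, "End of file"
        for rule_section, pattern, reason in RULES:
            if rule_section in (None, section) and re.search(pattern, line, re.I):
                findings.append((section, reason, line))
                break  # one reason per line is enough for triage
    return findings

if __name__ == "__main__":
    for section, reason, line in triage(SAMPLE_LOG):
        print(f"[{section}] {reason}\n    {line}")
```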
     
  13. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Download http://www.cexx.org/lspfix.htm

    Launch the LSP application, and click the "I know what I'm doing" checkbox.

    Move nothing, just click Finish.
    =================

    NOTE: If you have downloaded ComboFix previously please delete that version and download it again!

    Download this file :

    http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
    or
    http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe

    Double click combofix.exe & follow the prompts.
    When finished, it shall produce a log for you. Post that log and a HiJack log in your next reply.

    Note:
    Do not mouseclick ComboFix's window while it's running. That may cause it to stall.
     
  14. TheArmegeddon

    TheArmegeddon Thread Starter

    Joined:
    Jul 9, 2007
    Messages:
    132
    While I wait for the scan to complete, can I ask you a question? If so, then here's the question. If I do a system restore/system recover, would that work, as in could I do that as a last case scenario?
     
  15. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Yes, but that is treating the symptom and not the cure - the files will still be there.
     

Short URL to this thread: https://techguy.org/593681
