1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

My computer is deluged with pop-up blockers

Discussion in 'Windows XP' started by 5thandlast, Oct 30, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    And as a result, my computer's cache memory (512mb) is now running like 1mb. Nothing shuts down when I want it to (the programmes keep running)

    I need someone to take a look at my computer.

    For a noobie (and this is 5thandlasts Mrs as Mr 5thandlast is in England) can you please tell me how to "hijack this" in Noobie terms (ie. a walkthrough)
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Get HiJack This V1.99.1 http://thespykiller.co.uk/files/hijackthis_sfx.exe - double click the DL file and click UNZIP letting it extract to its default folder C:\Program FIles\HiJackThis, run it from there, DO NOT fix anything, post the log here.

    Open the log in notepad

    EDIT - SELECT ALL
    EDIT - COPY

    Then come to this message, and in the quick reply box click in the white space and then EDIT - PASTE
     
  3. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    Logfile of HijackThis v1.99.1
    Scan saved at 21:20:34, on 30.10.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programfiler\Citrix\ICA Client\ssonsvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\sstray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe
    C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    C:\Programfiler\QuickTime\qttask.exe
    C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    C:\Programfiler\D-Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe
    C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE
    C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    C:\Programfiler\WinZip\WZQKPICK.EXE
    C:\Programfiler\G-ORG\iFinger\iFinger.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearchIndexer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programfiler\Windows NT\Tilbehør\wordpad.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/skycom/home
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nor.chello.no/ssi/welcome/welcome.php?url=home
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fra chello broadband n.v.
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: iFinger - {1624F640-49AC-11D3-8ABD-00C04FA95EE0} - C:\Programfiler\G-ORG\iFinger\iFingerBHO.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programfiler\TEXTware\QUICKfind\PlugIns\IEHelp.dll
    O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe"
    O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE"
    O4 - Startup: iFinger.lnk = C:\Programfiler\G-ORG\iFinger\iFinger.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: PC-søk i Windows.lnk = C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &MSN Search - res://C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll/search.htm
    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/229?37b2872ab81a4a00ab7fb6fa994673c8
    O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/230?37b2872ab81a4a00ab7fb6fa994673c8
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130701028890
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4396/mcfscan.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     
  4. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    My husband needs his computer and I only installed a few pop-up stoppers.

    The CPU is continually running at 100 percent and everything just freezes. HELP !!!


    Please suggest what I have to remove. Please suggest what I have to delete. Please suggest how I get rid of it all!!
     
  5. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    I don't know what you did but please edit post #4 - that large font is blinding!!!

    Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
    · Install ewido.
    · During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    · Launch ewido
    · It will prompt you to update click the OK button and it will go to the main screen
    · On the left side of the main screen click update
    · Click on Start and let it update.
    · DO NOT run a scan yet. You will do that later in safe mode.

    Restart your computer into safe mode now. Perform the following steps in safe mode:

    Run Ewido:
    · Click on scanner
    · Click Complete System Scan and the scan will begin.
    · During the scan it will prompt you to clean files, click OK
    · When the scan is finished, look at the bottom of the screen and click the Save report button.
    · Save the report to your C: Drive
    This will take some time to run!
    Boot to normal mode
    Post that log and a new HiJack log – If the Ewido log is too large attach it.
    =======================

    Start - run - type in msconfig

    Uncheck the boxes for panicware

    "C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe"

    "C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE"
     
  6. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    How do I start my computer in safe mode?

    I am a noobie and not very computer literate. Walkthroughs needed for a woman!
     
  7. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Restart the PC and at the very first black screen after the restart start tapping F8 at least every second - this is before you see the windows screen
     
  8. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 22:47:44, 30.10.2005
    + Report-Checksum: C2984185

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07} -> Spyware.SaveNow : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{BE44DD6F-057A-4476-A0D5-EC926957D277} -> Dialer.Generic : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{22EB8F60-F99B-4E29-8376-E8BC417148FD} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{338F1D89-A419-4C40-96E3-C29C978A7DF6} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{338F1D89-A419-4C40-96E3-C29C978A7DF6}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{B4450075-9717-43B1-BA10-4B9FD7325FD5} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{C285D18D-43A2-4AEF-83FB-BF280E660A97} -> Spyware.SaveNow : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{CBD7E8BE-0E1E-441D-B133-E26F5636CCCF} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{CBD7E8BE-0E1E-441D-B133-E26F5636CCCF}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{E41774F1-63E7-44ED-A03A-FF8422F9AFF0} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{E41774F1-63E7-44ED-A03A-FF8422F9AFF0}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{FC385F81-0109-4FA8-AAD0-53B4A9A5DD2B} -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\Interface\{FC385F81-0109-4FA8-AAD0-53B4A9A5DD2B}\TypeLib\\ -> Spyware.InetSpeak : Cleaned with backup
    HKLM\SOFTWARE\Classes\RunMSC.Loader\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
    HKLM\SOFTWARE\Classes\RunMSC.Loader.1\CLSID\\ -> Spyware.SaveNow : Cleaned with backup
    HKLM\SOFTWARE\Classes\UpdateNSLite.UpdateNSLiteCtrl\CLSID\\ -> Dialer.Generic : Cleaned with backup
    HKLM\SOFTWARE\Classes\UpdateNSLite.UpdateNSLiteCtrl.1\CLSID\\ -> Dialer.Generic : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D1-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39AF31DD-EAFC-45EA-A56C-385B52E25CC0} -> Spyware.InetSpeak : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6} -> Spyware.InetSpeak : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B12DABB-0B7C-44FA-B0B3-4BAFF3790256} -> Spyware.InetSpeak : Cleaned with backup
    HKU\S-1-5-21-3277439761-359561344-2389969595-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC0D2038-2DE5-4A6F-92BC-B18A3E0DE32A} -> Spyware.InetSpeak : Cleaned with backup
    C:\Documents and Settings\Mark Gaughan\Cookies\mark [email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    C:\Programfiler\BearShare\Installer\saveinstwm.exe -> Adware.SaveNow : Cleaned with backup
    C:\Programfiler\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS -> Spyware.MyWay : Cleaned with backup
    C:\Programfiler\MyWay\myBar\1.bin\NPMYWAY.DLL -> Spyware.MyWay : Cleaned with backup

    Logfile of HijackThis v1.99.1
    Scan saved at 22:53:14, on 30.10.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programfiler\Citrix\ICA Client\ssonsvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\sstray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe
    C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    C:\Programfiler\QuickTime\qttask.exe
    C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    C:\Programfiler\D-Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe
    C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE
    C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    C:\Programfiler\WinZip\WZQKPICK.EXE
    C:\Programfiler\G-ORG\iFinger\iFinger.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearchIndexer.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Programfiler\ewido\security suite\ewidoctrl.exe
    C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/skycom/home
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nor.chello.no/ssi/welcome/welcome.php?url=home
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fra chello broadband n.v.
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: iFinger - {1624F640-49AC-11D3-8ABD-00C04FA95EE0} - C:\Programfiler\G-ORG\iFinger\iFingerBHO.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programfiler\TEXTware\QUICKfind\PlugIns\IEHelp.dll
    O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe"
    O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE"
    O4 - Startup: iFinger.lnk = C:\Programfiler\G-ORG\iFinger\iFinger.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: PC-søk i Windows.lnk = C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &MSN Search - res://C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll/search.htm
    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/229?37b2872ab81a4a00ab7fb6fa994673c8
    O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/230?37b2872ab81a4a00ab7fb6fa994673c8
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130701028890
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4396/mcfscan.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programfiler\ewido\security suite\ewidoctrl.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    You didn't do this

    Start - run - type in msconfig

    Uncheck the boxes for panicware

    "C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe"

    "C:\PROGRA~1\PANICW~1\POP-UP~3\POPUPS~1.EXE"
    ==================
    Add remove programs remove Bear Share
    ++++++++++++++++++
    Run HiJack scan only - mark this entry and then click fix checked

    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe

    ===========

    Boot and then tell me what the status of the system is
     
  10. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    Its running pretty badly.

    Whenever I run an audio player, (Real Player for example), it kind of freezes and doesn't close. CPU goes crazy (I hear it clicking over like a madman and when I hit Ctrl-Alt-Del the CPU always shows 100 percent). The DDR memory 2x256mb is always running at nigh on 100 percent too.

    God knows what would happen if I ran a game.
     
  11. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    http://www.kaspersky.com/virusscanner

    When the scan is finished, anything that it cannot clean, have it delete it.
    Save the results from the scan!

    Post a new HiJackThis log along with the results from Kaspersky scan
     
  12. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    I can't delete Bareshare via Add\Remove Programmes. (Bloody programme!) Is there any other way of achieveing this aim?

    As of press, I'm halfway through my scan.
     
  13. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    Logfile of HijackThis v1.99.1
    Scan saved at 00:20:21, on 31.10.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Programfiler\ewido\security suite\ewidoctrl.exe
    C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programfiler\Citrix\ICA Client\ssonsvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\sstray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe
    C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    C:\Programfiler\QuickTime\qttask.exe
    C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    C:\Programfiler\D-Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programfiler\MSN Messenger\MsnMsgr.Exe
    C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    C:\Programfiler\WinZip\WZQKPICK.EXE
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearchIndexer.exe
    C:\Programfiler\Internet Explorer\iexplore.exe
    C:\Programfiler\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\cidaemon.exe
    C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearchFilter.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/skycom/home
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nor.chello.no/ssi/welcome/welcome.php?url=home
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fra chello broadband n.v.
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programfiler\TEXTware\QUICKfind\PlugIns\IEHelp.dll
    O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: PC-søk i Windows.lnk = C:\Programfiler\MSN Toolbar Suite\DS\02.05.0000.1105\nb-no\bin\WindowsSearch.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programfiler\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &MSN Search - res://C:\Programfiler\MSN Toolbar Suite\TB\02.05.0000.1105\nb-no\msntb.dll/search.htm
    O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/229?37b2872ab81a4a00ab7fb6fa994673c8
    O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Programfiler\MSN Toolbar Suite\TAB\02.05.0000.1105\nb-no\msntabres.dll/230?37b2872ab81a4a00ab7fb6fa994673c8
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130701028890
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4396/mcfscan.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programfiler\ewido\security suite\ewidoctrl.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     
  14. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Are things better now that the pop up blockers are disabled???
     
  15. 5thandlast

    5thandlast Thread Starter

    Joined:
    Aug 23, 2003
    Messages:
    242
    Yes and no.

    The speed is up, but some programmes still seem to freeze. When you choose the "close now" option, they don't close. the send a fail report to Mickysoft, who then seem to say that they can't solve the problem. Sound familiar?

    Now how do I get rid of Bareshare? Can't do it through add\remove programmes.

    KASPERSKY ON-LINE SCANNER REPORT
    Monday, October 31, 2005 01:35:11
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version: 5.0.67.0
    Kaspersky Anti-Virus database last update: 31/10/2005
    Kaspersky Anti-Virus database records: 157257
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\

    Scan Statistics:
    Total number of scanned objects: 78273
    Number of viruses found: 5
    Number of infected objects: 10
    Number of suspicious objects: 0
    Duration of the scan process: 4245 sec

    Infected Object Name - Virus Name
    C:\Documents and Settings\Tone Mikalsen\Lokale innstillinger\Programdata\Identities\{486992D6-9CC1-457B-BEBA-7C927615F143}\Microsoft\Outlook Express\Slettede elementer.dbx/[From [email protected] <[email protected]>][Date Sat, 16 Jul 2005 16:49:34 -0400 (EDT)]/html Infected: Trojan-Spy.HTML.Bayfraud.hc
    C:\Documents and Settings\Tone Mikalsen\Lokale innstillinger\Programdata\Identities\{486992D6-9CC1-457B-BEBA-7C927615F143}\Microsoft\Outlook Express\Slettede elementer.dbx Infected: Trojan-Spy.HTML.Bayfraud.hc
    C:\Documents and Settings\Tone Mikalsen\Lokale innstillinger\Temporary Internet Files\Content.IE5\G5YZCLIF\wbk68.tmp Infected: Trojan-Spy.HTML.Bayfraud.hc
    C:\Programfiler\MyWay\myBar\1.bin\MYBAR.DLL Infected: not-a-virus:AdWare.Win32.MyWay.a
    C:\System Volume Information\_restore{F2C3B7B1-26DB-4587-B69A-4E3629E4F5D8}\RP160\A0055234.EXE Infected: not-a-virus:AdWare.Win32.MyWay.a
    C:\System Volume Information\_restore{F2C3B7B1-26DB-4587-B69A-4E3629E4F5D8}\RP169\A0058617.exe/data0001.cab/VVSN.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z
    C:\System Volume Information\_restore{F2C3B7B1-26DB-4587-B69A-4E3629E4F5D8}\RP169\A0058617.exe/data0001.cab Infected: not-a-virus:AdWare.Win32.SaveNow.z
    C:\System Volume Information\_restore{F2C3B7B1-26DB-4587-B69A-4E3629E4F5D8}\RP169\A0058617.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z
    C:\System Volume Information\_restore{F2C3B7B1-26DB-4587-B69A-4E3629E4F5D8}\RP169\A0058618.DLL Infected: not-a-virus:AdWare.Win32.MyWay.f
    C:\WINDOWS\Help\hosts Infected: Trojan.BAT.Delude.c

    Scan process completed.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - computer deluged blockers
  1. Marcella253
    Replies:
    2
    Views:
    196
  2. 8biosdrive
    Replies:
    5
    Views:
    545
  3. Tip1721
    Replies:
    1
    Views:
    525
  4. osephj
    Replies:
    11
    Views:
    723
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/412475

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice