Please help me, my computer is infected. (HJ included)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
Hi guys, thanks for your time to take a loot at me. I really need help, my computer just got infected. please thanks.


Logfile of HijackThis v1.99.1
Scan saved at 12:23:01 PM, on 2/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KIT3] C:\WINDOWS\system32\spool\hpprintspool.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
 
Joined
Feb 15, 2004
Messages
12,302
hi, welcome to TSG.


Go here and download the latest version of java, once
downloaded, go to add/remove and uninstall all previous versions of java
from add/remove and then install the latest version you just downloaded!


http://www.java.com/en/download/index.jsp




you don't appear to have a firewall or an anti virus program, downlaod them from the links below!



Comodo firewall. Sign up it's free!

http://www.personalfirewall.trustix.com/


Threads on comodo!

http://www.wilderssecurity.com/forumdisplay.php?f=31



Anti-vir

http://www.free-av.com/


update anti vir once installed

Download AVG Anti-Spyware

http://www.ewido.net/en/


* Once you have downloaded AVG Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
* Once the setup is complete you will need run AVG and update the definition files.
* On the main screen select the icon "Update" then select the "Update now" link.
* Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
* Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
* Once in the Settings screen click on "Recommended actions" and then select "Delete"
* Under "Reports"
* Select "Automatically generate report after every scan"
* Un-Select "Only if threats were found"


Close AVG Anti-Spyware. Anti-spyware, Do NOT run a scan yet. We will do that later in safe mode.



* Click here to download ATF Cleaner by Atribune and save it to your desktop.

http://majorgeeks.com/ATF_Cleaner_d4949.html


* Double-click ATF-Cleaner.exe to run the program.
* Under Main choose: Select All
* Click the Empty Selected button.
o If you use Firefox:
+ Click Firefox at the top and choose: Select All
+ Click the Empty Selected button.
+ NOTE: If you would like to keep your saved passwords, please click No at the prompt.
o If you use Opera:
+ Click Opera at the top and choose: Select All
+ Click the Empty Selected button.
+ NOTE: If you would like to keep your saved passwords, please click No at the prompt.
* Click Exit on the Main menu to close the program.


* Click here for info on how to boot to safe mode if you don't already know
how.

http://service1.symantec.com/SUPPOR...2001052409420406?OpenDocument&src=sec_doc_nam



* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in
safe mode:



have hijack this fix these entries. close all browsers and programmes before
clicking FIX.


R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)



Run AVG Anti-Spyware!

# IMPORTANT: Do not open any other windows or programs while AVG is scanning as it may interfere with the scanning process:
# Launch AVG Anti-spyware by double-clicking the icon on your desktop.
# Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
# AVG will now begin the scanning process. Be patient this may take a little time.
Once the scan is complete do the following:
# If you have any infections you will prompted, then select "Apply all actions"
# Next select the "Reports" icon at the top.
# Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
# Close AVG and reboot your system back into Normal Mode.



reboot to normal mode and run a few online scans!



Note: this is a stand alone, it doesn't install to start/programmes.

Download Mwav,

http://www.spywareinfo.dk/download/mwav.exe


double click on it and it will extract to C:\kaspersky. Click
on the kaspersky folder and click on Kavupd, a black dos window will open
and it will update the programme for you, be patient it will take 5-10
minutes to download the new definitions. Once it's updated, click on mwavscan
to launch the programme.

Use the defaults of:

Memory
startup folders
Registry
system folders
services

Choose drive , all drives and, click scan all files
and then click scan/clean. After it finishes scanning and cleaning post
the log here with a new hijack this log.

Note: this is a very thorough scanner, it might take anything up to an hour
or more, depending on how many drives you have and how badly infected your
pc is.



Highlight the portion of the scan that lists infected items and hold
CTRL + C to Copy then paste it here. The whole log with be extremely
big so there is no way to copy the whole thing. I just need the
infected items list.




post another hijack this log, the AVG Anti-Spyware log and the Mwav scan log.
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
Sorry, it took me couple of days to finish all these steps. Here are the three reports:

Logfile of HijackThis v1.99.1
Scan saved at 10:23:52 PM, on 2/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\DllHost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

--------------------------------------------
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
eScan:


File C:\Documents and Settings\DJ_Empty\Favorites\Guitar\Trang Web c?a ngu?i Vi?t choi Guitar - Chia s? cùng h?c h?i!.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\Favorites\Online Stuff\Flash Collection\Xem ch? d? - I LOVE YOU ( Funny Flash).url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\Favorites\Web Surfing\Di?n Ðàn Vi?t Nam.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Phiên Khúc Mùa Ðông.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Trông Em Ðang Ng?i.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Ðu?ng V? Khuya.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\03 Chuy?n M?t Chi?c C?u Ðã Gãy.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\03 V? Ði.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Cu?c Ð?i.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Không Bao Gi? Ngan Cách.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Nhu Gi?t Bu?n Roi.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\09 Gi?t Nu?c M?t Ngà.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\09 Ðêm Dài Chuy?n Tuy?n.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Cánh Hoa Tàn - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Trò Choi Tình Ái - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Yêu Là Sai - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Yêu Nhi?u Kh? Nhi?u - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\FOB\My Documents\pc\kf141\keyfinder.exe tagged as not-a-virus:pSWTool.Win32.RAS.a. No Action Taken.
File C:\Documents and Settings\FOB\My Documents\pc\kf141.zip tagged as not-a-virus:pSWTool.Win32.RAS.a. No Action Taken.
File C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll tagged as not-a-virus:AdTool.Win32.MyWebSearch.i. No Action Taken.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401\A0027947.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.l. No Action Taken.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401\A0027948.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.i. No Action Taken.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP403\A0027969.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.ak. No Action Taken.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP404\A0028026.dll tagged as not-a-virus:AdTool.Win32.MyWebSearch.ak. No Action Taken.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP408\A0028159.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP413\A0028224.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP413\A0028262.exe infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File C:\WINDOWS\system32\spool\CMD.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File M:\iTunes\iTunes Music\Kasim\Khat Khao Tro Ve\13 Noi Xua Anh Ch? [Karaoke].mp3 infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
File M:\iTunes\iTunes Music\Quach Tuan Vu\Unknown Album\Nua Ðoi Mang Theo.mp3 infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:09:35 AM 2/6/2007

+ Scan result:



HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned.
C:\Documents and Settings\DJ_Empty\Local Settings\Temporary Internet Files\Content.IE5\VX3ES6KX\ysb_downloads_manager[1].htm -> Downloader.IstBar.j : Cleaned.
:mozilla.542:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.222:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.287:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.35:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.426:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.427:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.508:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.517:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected]gear.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.365:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.305:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.306:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.303:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.183:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.184:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.40:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.41:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.42:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.45:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.465:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.473:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.475:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.196:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.506:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.414:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.415:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.416:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.417:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.418:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.419:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.420:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.487:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.488:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.459:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.460:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.461:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.518:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.51:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.448:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.456:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.534:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.535:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.536:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.537:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.538:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.606:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.431:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.432:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.135:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.161:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.286:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.358:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.412:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.421:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
---------------------------------------------------------
AVG Anti-Spyware - Scan Report (Continue )
---------------------------------------------------------

:mozilla.422:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.466:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.467:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.511:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.527:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.528:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.228:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.229:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.230:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.231:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.232:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.233:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.234:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.362:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.304:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.339:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.396:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.566:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.581:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.587:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.588:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.383:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.384:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.385:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.327:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.328:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.329:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.330:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.331:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.387:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.413:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.433:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.453:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.512:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.513:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.514:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.199:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.200:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.201:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.202:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.443:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.449:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.450:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.451:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.600:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.601:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.347:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.250:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.251:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.252:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.131:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.152:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.543:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.189:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.190:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.94:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.114:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.116:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.127:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.132:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.168:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.60:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.85:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.90:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.197:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.55:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.235:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.236:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.237:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.238:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.239:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.166:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.278:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.279:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.280:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.174:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.193:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.194:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.195:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.539:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.540:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.541:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.120:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.121:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Zedo : Cleaned.
C:\RECYCLER\S-1-5-21-4198624821-1270663754-159475076-1006\Dc5.zip/Setup.exe -> Worm.VB.dw : Cleaned.


::Report end
 
Joined
Feb 15, 2004
Messages
12,302
Download the pocket killbox

http://www.bleepingcomputer.com/files/killbox.php


Double-click on Killbox.exe to run it. Now put a tick by Delete on
Reboot. In the "Full Path of File to Delete" box, copy and paste each
of the following lines one at a time then click on the button that has
the red circle with the X in the middle after you enter each file.
It will ask for confimation to delete the file on next reboot. Click
Yes. It will then ask if you want to reboot now. Click No. Continue
with that same procedure until you have copied and pasted all of
these in the "Paste Full Path of File to Delete" box.Then click yes
to reboot after you entered the last one.


Note: It is possible that Killbox will tell you that one or more files do not
exist. If that happens, just continue on with all the files. Be sure you
don't miss any.



C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll



go to this site and download these tools and once you get both
adaware Se 1.6 and spybot, update both of them.

Set adaware to do a full system scan and deselect, "search for neglible risk
entries". Click next to start the scan. Delete everything adaware finds.

reboot and now run spybot

Spybot: Search and destroy.

Delete what spybot finds marked in red. After updating spybot hit the
immunize button.


Download Superantispyware.

http://www.superantispyware.com/


Once downloaded and installed update the defintions
and then run a full system scan quarantine what it finds!



All tools can be downloaded at the link below and found on that page!


. SUPERAntiSpyware
. SpyBot search and destroy
. AdAware SE personal


http://www.majorgeeks.com/downloads31.html




Make sure your ActiveX controls are set as follows:

Go to Internet Options - Security - Internet, press 'default level', then OK.
Now press "Custom Level."

In the ActiveX section, set the first two options (Download signed and
unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX
controls not marked as safe" to 'disable'.


Active X settings

http://www.compu-docs.com/activex.htm



Run ActiveScan online virus scan here

http://www.pandasoftware.com/products/activescan.htm

When the scan is finished, anything that it cannot clean have it delete it.
Make a note of the file location of anything that cannot be deleted so you
can delete it yourself.
- Save the results from the scan!



post another log abd the panda scan.
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
Hi, First I'm ver sorry for taking too long to finishing these. (because i just got back from trip work)
Second, the last step i tried so many time but its said there an error so please give further instructions.
Here is the log.

Logfile of HijackThis v1.99.1
Scan saved at 10:00:04 PM, on 2/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
 
Joined
Feb 15, 2004
Messages
12,302
what gave the error, panda?If so download and run Dr web!



* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

* Doubleclick the drweb-cureit.exe file and Allow to run the express scan
* This will scan the files currently running in memory and when something is found,
click the yes button when it asks you if you want to cure it. This is only a short scan.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
* Back at the main window, mark the drives that you want to scan.
* Select all drives. A red dot shows which drives have been chosen.
* Click the green arrow at the right, and the scan will start.
* Click 'Yes to all' if it asks if you want to cure/move the file.
* When the scan has finished, look if you can click next icon next to the files found: IPB Image
* If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
IPB Image
This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
* After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
* Save the report to your desktop. The report will be called DrWeb.csv
* Close Dr.Web Cureit.
* Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.



post another log and the Dr web log
 

jazmiyko

Thread Starter
Joined
Mar 28, 2006
Messages
53
Hi, thanks for been helping me. Here is the logs:
Logfile of HijackThis v1.99.1
Scan saved at 8:29:16 PM, on 2/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe





NPMyGlSh.dll;C:\!KillBox;Adware.Msearch;Deleted.;
A0027947.DLL;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401;Adware.Msearch;Deleted.;
A0027948.DLL;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401;Adware.Msearch;Deleted.;
A0028379.dll;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP419;Adware.Msearch;Deleted.;
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top