1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Please help me, my computer is infected. (HJ included)

Discussion in 'Virus & Other Malware Removal' started by jazmiyko, Feb 4, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    Hi guys, thanks for your time to take a loot at me. I really need help, my computer just got infected. please thanks.


    Logfile of HijackThis v1.99.1
    Scan saved at 12:23:01 PM, on 2/4/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KIT3] C:\WINDOWS\system32\spool\hpprintspool.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
     
  2. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    hi, welcome to TSG.


    Go here and download the latest version of java, once
    downloaded, go to add/remove and uninstall all previous versions of java
    from add/remove and then install the latest version you just downloaded!


    http://www.java.com/en/download/index.jsp




    you don't appear to have a firewall or an anti virus program, downlaod them from the links below!



    Comodo firewall. Sign up it's free!

    http://www.personalfirewall.trustix.com/


    Threads on comodo!

    http://www.wilderssecurity.com/forumdisplay.php?f=31



    Anti-vir

    http://www.free-av.com/


    update anti vir once installed

    Download AVG Anti-Spyware

    http://www.ewido.net/en/


    * Once you have downloaded AVG Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
    * Once the setup is complete you will need run AVG and update the definition files.
    * On the main screen select the icon "Update" then select the "Update now" link.
    * Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    * Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    * Once in the Settings screen click on "Recommended actions" and then select "Delete"
    * Under "Reports"
    * Select "Automatically generate report after every scan"
    * Un-Select "Only if threats were found"


    Close AVG Anti-Spyware. Anti-spyware, Do NOT run a scan yet. We will do that later in safe mode.



    * Click here to download ATF Cleaner by Atribune and save it to your desktop.

    http://majorgeeks.com/ATF_Cleaner_d4949.html


    * Double-click ATF-Cleaner.exe to run the program.
    * Under Main choose: Select All
    * Click the Empty Selected button.
    o If you use Firefox:
    + Click Firefox at the top and choose: Select All
    + Click the Empty Selected button.
    + NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    o If you use Opera:
    + Click Opera at the top and choose: Select All
    + Click the Empty Selected button.
    + NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    * Click Exit on the Main menu to close the program.


    * Click here for info on how to boot to safe mode if you don't already know
    how.

    http://service1.symantec.com/SUPPOR...2001052409420406?OpenDocument&src=sec_doc_nam



    * Now copy these instructions to notepad and save them to your desktop. You
    will need them to refer to in safe mode.


    * Restart your computer into safe mode now. Perform the following steps in
    safe mode:



    have hijack this fix these entries. close all browsers and programmes before
    clicking FIX.


    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)



    Run AVG Anti-Spyware!

    # IMPORTANT: Do not open any other windows or programs while AVG is scanning as it may interfere with the scanning process:
    # Launch AVG Anti-spyware by double-clicking the icon on your desktop.
    # Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    # AVG will now begin the scanning process. Be patient this may take a little time.
    Once the scan is complete do the following:
    # If you have any infections you will prompted, then select "Apply all actions"
    # Next select the "Reports" icon at the top.
    # Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
    # Close AVG and reboot your system back into Normal Mode.



    reboot to normal mode and run a few online scans!



    Note: this is a stand alone, it doesn't install to start/programmes.

    Download Mwav,

    http://www.spywareinfo.dk/download/mwav.exe


    double click on it and it will extract to C:\kaspersky. Click
    on the kaspersky folder and click on Kavupd, a black dos window will open
    and it will update the programme for you, be patient it will take 5-10
    minutes to download the new definitions. Once it's updated, click on mwavscan
    to launch the programme.

    Use the defaults of:

    Memory
    startup folders
    Registry
    system folders
    services

    Choose drive , all drives and, click scan all files
    and then click scan/clean. After it finishes scanning and cleaning post
    the log here with a new hijack this log.

    Note: this is a very thorough scanner, it might take anything up to an hour
    or more, depending on how many drives you have and how badly infected your
    pc is.



    Highlight the portion of the scan that lists infected items and hold
    CTRL + C to Copy then paste it here. The whole log with be extremely
    big so there is no way to copy the whole thing. I just need the
    infected items list.




    post another hijack this log, the AVG Anti-Spyware log and the Mwav scan log.
     
  3. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    Sorry, it took me couple of days to finish all these steps. Here are the three reports:

    Logfile of HijackThis v1.99.1
    Scan saved at 10:23:52 PM, on 2/7/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\DllHost.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    --------------------------------------------
     
  4. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    eScan:


    File C:\Documents and Settings\DJ_Empty\Favorites\Guitar\Trang Web c?a ngu?i Vi?t choi Guitar - Chia s? cùng h?c h?i!.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\Favorites\Online Stuff\Flash Collection\Xem ch? d? - I LOVE YOU ( Funny Flash).url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\Favorites\Web Surfing\Di?n Ðàn Vi?t Nam.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Phiên Khúc Mùa Ðông.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Trông Em Ðang Ng?i.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\02 Ðu?ng V? Khuya.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\03 Chuy?n M?t Chi?c C?u Ðã Gãy.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\03 V? Ði.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Cu?c Ð?i.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Không Bao Gi? Ngan Cách.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\06 Nhu Gi?t Bu?n Roi.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\09 Gi?t Nu?c M?t Ngà.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Mom\09 Ðêm Dài Chuy?n Tuy?n.m4a infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Cánh Hoa Tàn - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Trò Choi Tình Ái - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Yêu Là Sai - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\DJ_Empty\My Documents\My Music\Viet Music\New Folder\Yêu Nhi?u Kh? Nhi?u - Ði?n Thái Toàn.wma infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\FOB\My Documents\pc\kf141\keyfinder.exe tagged as not-a-virus:pSWTool.Win32.RAS.a. No Action Taken.
    File C:\Documents and Settings\FOB\My Documents\pc\kf141.zip tagged as not-a-virus:pSWTool.Win32.RAS.a. No Action Taken.
    File C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll tagged as not-a-virus:AdTool.Win32.MyWebSearch.i. No Action Taken.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401\A0027947.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.l. No Action Taken.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401\A0027948.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.i. No Action Taken.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP403\A0027969.DLL tagged as not-a-virus:AdTool.Win32.MyWebSearch.ak. No Action Taken.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP404\A0028026.dll tagged as not-a-virus:AdTool.Win32.MyWebSearch.ak. No Action Taken.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP408\A0028159.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP413\A0028224.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP413\A0028262.exe infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\WINDOWS\system32\spool\CMD.EXE infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File M:\iTunes\iTunes Music\Kasim\Khat Khao Tro Ve\13 Noi Xua Anh Ch? [Karaoke].mp3 infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File M:\iTunes\iTunes Music\Quach Tuan Vu\Unknown Album\Nua Ðoi Mang Theo.mp3 infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
     
  5. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 12:09:35 AM 2/6/2007

    + Scan result:



    HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Cleaned.
    C:\Documents and Settings\DJ_Empty\Local Settings\Temporary Internet Files\Content.IE5\VX3ES6KX\ysb_downloads_manager[1].htm -> Downloader.IstBar.j : Cleaned.
    :mozilla.542:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.11:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.12:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.13:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.14:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.15:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.16:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.18:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.19:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.20:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.21:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.222:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.26:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.27:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.287:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.28:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.29:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.31:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.32:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.33:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.34:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.35:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.36:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.37:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.426:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.427:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.46:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.508:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.517:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.365:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.305:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.306:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.303:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.183:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.184:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.40:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.41:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.42:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.43:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.44:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.45:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.39:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.465:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    :mozilla.473:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.475:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
    :mozilla.196:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned.
    :mozilla.506:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.414:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.415:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.416:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.417:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.418:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.419:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.420:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Centrport : Cleaned.
    :mozilla.487:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.488:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.459:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.460:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.461:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Com : Cleaned.
    :mozilla.518:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
    :mozilla.51:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.448:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.456:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.534:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.535:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.536:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.537:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.538:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.606:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.431:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.432:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.135:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.161:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.286:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.358:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.412:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.421:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
     
  6. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report (Continue )
    ---------------------------------------------------------

    :mozilla.422:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.466:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.467:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.511:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.527:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.528:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Hotlog : Cleaned.
    :mozilla.228:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.229:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.230:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.231:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.232:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.233:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.234:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.362:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.304:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.339:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.396:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.566:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.581:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.587:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.588:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.383:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.384:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.385:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.327:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.328:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.329:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.330:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.331:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.387:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Realmedia : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.413:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.433:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.453:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.512:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.513:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.514:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.199:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.200:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.201:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.202:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.443:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.449:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.450:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.451:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.600:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.601:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.347:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Spylog : Cleaned.
    :mozilla.250:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.251:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.252:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.113:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.131:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.152:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.543:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.189:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
    :mozilla.190:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
    :mozilla.94:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.114:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.116:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.127:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.132:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.168:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.60:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.85:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.90:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.197:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.55:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][2].txt -> TrackingCookie.Tribalfusion : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.235:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.236:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.237:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.238:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.239:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.166:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
    :mozilla.278:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.279:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.280:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.174:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.193:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.194:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.195:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.539:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.540:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.541:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\FOB\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.120:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.121:C:\Documents and Settings\DJ_Empty\Application Data\Mozilla\Firefox\Profiles\izl7of2z.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    C:\Documents and Settings\kRiStY k. Le\Cookies\[email protected][2].txt -> TrackingCookie.Zedo : Cleaned.
    C:\RECYCLER\S-1-5-21-4198624821-1270663754-159475076-1006\Dc5.zip/Setup.exe -> Worm.VB.dw : Cleaned.


    ::Report end
     
  7. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    Download the pocket killbox

    http://www.bleepingcomputer.com/files/killbox.php


    Double-click on Killbox.exe to run it. Now put a tick by Delete on
    Reboot. In the "Full Path of File to Delete" box, copy and paste each
    of the following lines one at a time then click on the button that has
    the red circle with the X in the middle after you enter each file.
    It will ask for confimation to delete the file on next reboot. Click
    Yes. It will then ask if you want to reboot now. Click No. Continue
    with that same procedure until you have copied and pasted all of
    these in the "Paste Full Path of File to Delete" box.Then click yes
    to reboot after you entered the last one.


    Note: It is possible that Killbox will tell you that one or more files do not
    exist. If that happens, just continue on with all the files. Be sure you
    don't miss any.



    C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll



    go to this site and download these tools and once you get both
    adaware Se 1.6 and spybot, update both of them.

    Set adaware to do a full system scan and deselect, "search for neglible risk
    entries". Click next to start the scan. Delete everything adaware finds.

    reboot and now run spybot

    Spybot: Search and destroy.

    Delete what spybot finds marked in red. After updating spybot hit the
    immunize button.


    Download Superantispyware.

    http://www.superantispyware.com/


    Once downloaded and installed update the defintions
    and then run a full system scan quarantine what it finds!



    All tools can be downloaded at the link below and found on that page!


    . SUPERAntiSpyware
    . SpyBot search and destroy
    . AdAware SE personal


    http://www.majorgeeks.com/downloads31.html




    Make sure your ActiveX controls are set as follows:

    Go to Internet Options - Security - Internet, press 'default level', then OK.
    Now press "Custom Level."

    In the ActiveX section, set the first two options (Download signed and
    unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX
    controls not marked as safe" to 'disable'.


    Active X settings

    http://www.compu-docs.com/activex.htm



    Run ActiveScan online virus scan here

    http://www.pandasoftware.com/products/activescan.htm

    When the scan is finished, anything that it cannot clean have it delete it.
    Make a note of the file location of anything that cannot be deleted so you
    can delete it yourself.
    - Save the results from the scan!



    post another log abd the panda scan.
     
  8. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    Hi, First I'm ver sorry for taking too long to finishing these. (because i just got back from trip work)
    Second, the last step i tried so many time but its said there an error so please give further instructions.
    Here is the log.

    Logfile of HijackThis v1.99.1
    Scan saved at 10:00:04 PM, on 2/17/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
     
  9. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    what gave the error, panda?If so download and run Dr web!



    * Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    * Doubleclick the drweb-cureit.exe file and Allow to run the express scan
    * This will scan the files currently running in memory and when something is found,
    click the yes button when it asks you if you want to cure it. This is only a short scan.
    * Once the short scan has finished, Click Options > Change settings
    * Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
    * Back at the main window, mark the drives that you want to scan.
    * Select all drives. A red dot shows which drives have been chosen.
    * Click the green arrow at the right, and the scan will start.
    * Click 'Yes to all' if it asks if you want to cure/move the file.
    * When the scan has finished, look if you can click next icon next to the files found: IPB Image
    * If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    IPB Image
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
    * After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
    * Save the report to your desktop. The report will be called DrWeb.csv
    * Close Dr.Web Cureit.
    * Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.



    post another log and the Dr web log
     
  10. jazmiyko

    jazmiyko Thread Starter

    Joined:
    Mar 28, 2006
    Messages:
    53
    Hi, thanks for been helping me. Here is the logs:
    Logfile of HijackThis v1.99.1
    Scan saved at 8:29:16 PM, on 2/24/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5346.0005)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by131w.bay131.mail.live.com/mail/resources/MsnPUpld.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe





    NPMyGlSh.dll;C:\!KillBox;Adware.Msearch;Deleted.;
    A0027947.DLL;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401;Adware.Msearch;Deleted.;
    A0027948.DLL;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP401;Adware.Msearch;Deleted.;
    A0028379.dll;C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP419;Adware.Msearch;Deleted.;
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/541166

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice