Popups Going Crazy Msn Messenger Link

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
help please, i clicke don a link from msn messenger window and now im getting crazy pop ups, runtime error pop ups etc, can neone help me delete these things pleaseeeeeee! thanks in a dvance
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Hi ALLEGRETTA

Click here to download Hijack This: http://thespykiller.co.uk/files/hijackthis_sfx.exe

Let it extract to C:\Program Files

Close out any open browsers
Launch the program
Hit "do a system scan only"
When that finishes, hit "save log"
The log will open in Notepad
Copy & paste that log into this thread

Do not fix anything yet
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
Logfile of HijackThis v1.99.1
Scan saved at 12:37:58 AM, on 5/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\nb4fsnii.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
C:\WINDOWS\System32\poker3.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\khjgnq.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\WINDOWS\System32\msxct.exe
C:\Program Files\180searchassistant\sais.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=374
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WMA COAL PLATFORM ATOM] C:\Documents and Settings\All Users\Application Data\4 BLAH WMA COAL\campcake.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitecwy32.exe
O4 - HKLM\..\Run: [nb4fsnii] C:\WINDOWS\System32\nb4fsnii.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [8mGlWU] C:\WINDOWS\khjgnq.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [sais] c:\program files\180searchassistant\sais.exe
O4 - HKLM\..\Run: [lel] C:\WINDOWS\lel.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Ante Info] C:\DOCUME~1\ADMINI~1\APPLIC~1\BLAHDE~1\Delete Army Ooze.exe
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114592031234
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Print out these instructions:

Go to Add/Remove Programs and uninstall the following (if listed there):
180solutions
BullsEye Network
EliteToolBar
Internet Optimizer
MediaAccess
MessengerPlus3
PowerScan


Then download and run the following programs:

Ad-Aware SE: http://www.majorgeeks.com/download506.html

Install the program and launch it.
First, in the bottom right-hand corner of the main window click on Check for updates now then click Connect and download the latest reference files.
Then, in the main window: Click Start and under Select a scan Mode tick Perform full system scan.
Then, deselect Search for negligible risk entries.
To start the scan, click the Next button.
When the scan is finished mark everything for removal and get rid of it. (Right-click the window and choose select all from the drop down menu and then click Next).

Micro$oft Anti Spyware BETA:
http://www.microsoft.com/athome/security/spyware/software/default.mspx

First in the top menu click File then Check for updates to download the definitons updates.
After updating look in the right side of the main window under "Run Quick Scan Now".
Click Spyware scan options.
In that window put a tick by Run a full system scan.
Then put a check by all three options below that then click Run Scan now.
When the scan is finished, let it fix anything that it finds
(Have it quarantine the items that have that option rather than delete just in case.)
It is a BETA program and there may be false positives.

Restart your computer.

Download and run the LOP Uninstaller here: http://www.thespykiller.co.uk/downloads.htm

Close all browser windows, run the remover, reboot.
Post a new Hijack This log.
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
sorry i went to bed last night had the flu :(
ok im just downoading the Microsfot Anit spyware and going to run it shortly..........


thanks in advance
good morning by the way if its morning where u r situated :)))
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
Logfile of HijackThis v1.99.1
Scan saved at 10:56:32 AM, on 5/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\System32\poker3.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
C:\WINDOWS\System32\poker3.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=374
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [checkrun] c:\windows\system32\elitenif32.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [Ante Info] C:\DOCUME~1\ADMINI~1\APPLIC~1\BLAHDE~1\Delete Army Ooze.exe
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114592031234
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


this is the new log from hijack after i ran ad aware and microsoft scan. i still have ad ware and spyware on my comp :(
thanks in advance.
 

Cheeseball81

Retired Moderator
Joined
Mar 3, 2004
Messages
84,315
Download the trial version of Ewido Security Suite: http://www.ewido.net/en/download/

· Install Ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch Ewido.
· It will prompt you to update click the OK button and it will go to the main screen.
· On the left side of the main screen click Update.
· Click on Start and let it update.
· DO NOT run a scan yet. You will do that later in Safe Mode.

Restart your computer into Safe Mode now.
(start tapping the F8 key at Startup, before the Windows logo screen)
Perform the following steps in Safe Mode:

Run Ewido:

· Click on scanner.
· Put a check by the following before you scan:

o Binder
o Crypter
o Archives

· Click the Start Scan button to start the scan.
· During the scan it will prompt you to clean files, click OK.
· When the scan is finished, look at the bottom of the screen and click the Save Report button.
· Save the report to your desktop.
· Post that log and a fresh log from Hijack This.
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
ewido
+ Created on: 12:15:51 PM, 5/07/2005
+ Report-Checksum: 3429515F

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{28CAEFF3-0F18-4036-B504-51D73BD81ABC} -> Spyware.SearchMiracle : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{825CF5BD-8862-4430-B771-0C15C5CA8DEF} -> Spyware.EliteBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DC341F1B-EC77-47BE-8F58-96E83861CC5A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FAA356E4-D317-42a6-AB41-A3021C6E7D52} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{0E704BA4-C517-4BE7-A1CD-C3FFDA1E1FFE} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{31CA5C07-7F5F-4502-8C77-99A91558ADD0} -> Spyware.TX4 : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E5678} -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED15678} -> Spyware.BargainBuddy : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTbar.BarObj -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ISTbar.BarObj\CLSID -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag\CLSID -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TestContentMatchControl1.ContentMatchTag\CurVer -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{223A26D8-9F91-42F6-8ED3-094B637DE020} -> Spyware.TX4 : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516B2C3} -> Spyware.NaviSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA} -> Spyware.SideFind : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{E9A5B71C-093B-4F34-AF07-34FCA89BA0DF} -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Elitum -> Spyware.EliteBar : Cleaned with backup
HKLM\SOFTWARE\Elitum\EliteToolBar -> Spyware.EliteBar : Cleaned with backup
HKLM\SOFTWARE\ISTbar -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\ISTbar\Historyfiles -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\ISTbar\Historystring -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28CAEFF3-0F18-4036-B504-51D73BD81ABC} -> Spyware.SearchMiracle : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EliteBar Internet Explorer Toolbar -> Spyware.EliteBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbar -> Spyware.ISTBar : Cleaned with backup
HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\PowerScan -> Spyware.PowerScan : Cleaned with backup
HKU\S-1-5-21-1220945662-287218729-682003330-500\Software\IST -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-1220945662-287218729-682003330-500\Software\LQ -> Dialer.Generic : Cleaned with backup
HKU\S-1-5-21-1220945662-287218729-682003330-500\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-1220945662-287218729-682003330-500\Software\Policies\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-1220945662-287218729-682003330-500\Software\PowerScan -> Spyware.PowerScan : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.278:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.332:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.334:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.339:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.340:C:\Documents and Settings\Administrator\Application
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.341:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.343:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.345:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.347:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.365:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.457:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.530:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.544:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.593:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.594:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.595:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.596:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.597:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.598:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.609:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.626:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Counted : Cleaned with backup
:mozilla.667:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.681:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.682:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.740:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.741:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.807:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qu343kfv.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Administrator\index.exe/5.exe -> TrojanDownloader.IstBar.is : Cleaned with backup
C:\Documents and Settings\Administrator\index.exe/10.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\180sainstallersilsais1.exe/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\RarSFX0\index.exe/vonner.exe -> TrojanDropper.Agent.kd : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\RarSFX2\10.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\RarSFX2\5.exe -> TrojanDownloader.IstBar.is : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\RarSFX3\10.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\RarSFX3\5.exe -> TrojanDownloader.IstBar.is : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\sidefind.exe -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\temp.frD089\MediaAccess.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temp\temp.frD089\MediaAccK.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0XRJLCVN\istrecover[1].exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0XRJLCVN\MediaAccK[1].exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0XRJLCVN\power_remove[1].exe -> TrojanDownloader.IstBar.gi : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8RABUMNF\cmctl[1].dll -> Spyware.AdMir : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8RABUMNF\powerscan[1].exe -> Spyware.PowerScan : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\bb[1].exe -> TrojanDownloader.Adload.a : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\index[1].jpg/5.exe -> TrojanDownloader.IstBar.is : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\index[1].jpg/10.exe -> Spyware.WinAD : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\istinstall_158608[1].exe -> TrojanDownloader.IstBar.is : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\optimize[1].exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BQV8PO24\sidefind[1].exe -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\RXDCBKDO\istsvc[1].exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\RXDCBKDO\protector[1].exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Program Files\ISTbar\cmctl.dll -> Spyware.AdMir : Cleaned with backup
C:\Program Files\ISTsvc\istsvc.exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Program Files\Media Access\MediaAccC.dll -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Media Access\MediaAccess.exe -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Media Access\MediaAccK.exe -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\00C77668-92F9-4419-96C3-C4ED30\250F3CD0-0476-46FE-90F9-FA83E0 -> Spyware.PowerScan : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\00C77668-92F9-4419-96C3-C4ED30\C44D08D2-DAD9-4D1B-A3EB-F58719 -> TrojanDownloader.IstBar.gi : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4D3B528A-EECB-4B9C-B4F9-29ACEE\24C34EF2-81AB-489C-9D05-31EDC4 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4D3B528A-EECB-4B9C-B4F9-29ACEE\7D9006E4-92AD-4122-B202-E172FB -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4D3B528A-EECB-4B9C-B4F9-29ACEE\91EEAD96-DF3D-4661-8302-0FE41F -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9024A35A-8872-4E90-9EA7-68768E\703EEDFF-614A-4C11-9B98-06D867 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9024A35A-8872-4E90-9EA7-68768E\AD5870B0-3C00-47C5-9AE1-77CFB5 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9C049153-D39B-4D3E-96EA-EBD5BF\14ED8DA8-0DD4-41E4-A24C-3CEBA0 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\AB6B476D-52AE-4EB7-A7DD-158414\22B5960B-8BE8-4616-975B-8C42D6 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\AB6B476D-52AE-4EB7-A7DD-158414\2AB8111E-E310-42EF-9BD5-F0A993 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\AB6B476D-52AE-4EB7-A7DD-158414\6870E18D-F706-4102-A5BA-118FE8 -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\AE8C73A5-71FA-4586-B397-66A20E\09399C87-482F-4C63-B28C-B3A6CB -> TrojanDownloader.Small.asf : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\AE8C73A5-71FA-4586-B397-66A20E\8D9AD986-E455-45EB-9D3D-36A486 -> TrojanDownloader.Small.asf : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D825367A-8433-4985-B9EB-D28182\1126BCB5-D1D6-4EC8-A9C5-106C2D -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Program Files\Mozilla Firefox\plugins\npzango.dll -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Power Scan\powerscan.exe -> Spyware.PowerScan : Cleaned with backup
C:\Program Files\Power Scan\uninstall.exe -> TrojanDownloader.IstBar.gi : Cleaned with backup
C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\opgsnxvm.exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
C:\WINDOWS\system32\bbchk.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\elitecwo32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\elitecwy32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\elitedcg32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\elitenif32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\eliteozz32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\elitepmm32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\elitergp32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\eliteslj32.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\eliteuwp32.exe -> Spyware.Hijacker.Generic : Cleaned with backup


::Report End
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
Logfile of HijackThis v1.99.1
Scan saved at 12:27:30 PM, on 5/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\System32\poker3.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE
C:\WINDOWS\System32\poker3.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\services.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\Program Files\Microsoft AntiSpyware\gcasServAlert.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=374
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.03.0000.1005\en-us\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [checkrun] c:\windows\system32\elitenfz32.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKLM\..\RunServices: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [Ante Info] C:\DOCUME~1\ADMINI~1\APPLIC~1\BLAHDE~1\Delete Army Ooze.exe
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_A10IC2.EXE /P23 "EPSON Stylus C60 Series" /O5 "LPT1:" /M "Stylus C60"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows DLL Services Configuration] poker3.exe
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-58-12-0000080.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by24fd.bay24.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1114592031234
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
omg sorry bout the long post :) have i done something wreong. im getting all these information pop ups from MICROSOFT ANTISPYWARE ALERT! Micrsoft Antispyware has detected the threat IST.ISTbar trying to install itself on your computer etc etc


i followed everything right :p
 

ALLEGRETTA

Thread Starter
Joined
Jul 4, 2005
Messages
21
Ist.Sidefind Adware, Exact.downloader trojan downloader, AvenueMedia.DyFuCa, Unclassified.Spyware.57, SearchMiracle.Elitebar, 180Solutions.SearchAssistent there the warning pop ups :(
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top