Solved: Early Spring cleaning

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Jstealth

Thread Starter
Joined
Nov 14, 2003
Messages
97
Hi All,

I am having a bunch of little things occurring with my computer and believe that there is a virus or two causing these problems.

It's time to make another donation!

Could someone please help me clean up my system?

Thanks in advance,

Jstealth
 

DoubleHelix

Banned
Joined
Dec 9, 2004
Messages
24,388
What anti-virus software do you have running on your computer? You have to have anti-virus software on your computer if you want to stop getting infected with viruses.
 

Jstealth

Thread Starter
Joined
Nov 14, 2003
Messages
97
Hi DoubleHelix,

I was using Ad-aware 6.0 and Search & Destroy. I constantly search for updates before running them and at some point there were no available updates for either one and all they were catching was tracking cookies.

Here is my log:
Spyware Doctor Activity Report
Generated on 2/5/2005 7:12:17 AM


Scans (basic information only):

Scan Results:
scan start: 2/5/2005 7:33:15 AM
scan stop: 2/5/2005 7:39:48 AM
scanned items: 127272
found items: 101
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Cookie Scanner, Browser Defaults, Favorites and ZoneMap Scanner, Browser Scanner, Disk Scanner





Should I go after the files through Explorer first or address the Registry issues first?

Thanks,

Jstealth
 

DoubleHelix

Banned
Joined
Dec 9, 2004
Messages
24,388
I don't think AVG 6.0 is supported anymore. I've read several threads here about the new version 7.0. You should download that and use it. Ad-Aware doesn't prevent viruses or spyware. It only cleans up spyware after it's been put on your computer.
 

Kenny94

Banned
Joined
Dec 16, 2004
Messages
2,026
Here's a GREAT cleaning tool: a-squared (a²). It is a complementary product to antivirus software and desktop firewalls on MS Windows computers. Antivirus software specializes in detecting classic viruses. Many available products have weaknesses in detecting other malicious software (Malware) like Trojans, Dialers, Worms and Spyware (Adware). a² fills the gap that malware writers exploit.
When on the page, scroll down to a² Free at:

http://www.emsisoft.com/en/software/free/
 