Infected with ABetterInternet: Please help [RESOLVED]



#1
ajit

My laptop is infected with ABetterInternet. Please help. I am pasting the HijackThis log below:

Logfile of HijackThis v1.99.1
Scan saved at 7:10:34 PM, on 3/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\soft602\pdfSaver.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files\D-Link\AirPlus G Wireless Adapter Utility\AirPlus.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
c:\sdwork\issimsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy.att.com:8000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files\Common Files\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Global Startup: D-Link AirPlus G Wireless Utility.lnk = ?
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\avantail\connect\asnsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://activation.rr...oad/tgctlcm.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.aajtak.co...er/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {95EEE69E-27B4-4D13-BD32-766617A16909} (NDTVVideo.MPlayer) - http://www.ndtv.com/...TVseekvideo.CAB
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real...ArcadeRdxIE.cab
O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - http://h30155.www3.h...rt/SysQuery.cab
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Global Services - c:\sdwork\issimsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe


#2
Antartic-Boy

Hi ajit, and welcome to Geeks to Go.

I'm currently analyzing your log, and will post instructions to start with the cleanup soon.

#3
Antartic-Boy

-----------------------1

Please follow the instructions provided; you may want to print out these instructions and use them as a reference.

Please download ewido anti-malware; it is a free version of the program.
  • Install ewido anti-malware
  • When installing, under "Additional Options" uncheck:
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display "Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.

-----------------------2

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =


Now close all windows and browsers other than HiJackThis, then click Fix Checked.
Close HijackThis.

-----------------------3

Post me a fresh Hjt Log along with the Ewido Log.

#4
ajit

Thanks Antartic-Boy for your help.
I have installed 'Ewido' as per your suggestions but when I tried to update, it showed the message "no update available". Then I did a complete scan using Ewido and then ran HijackThis to fix the R0 mentioned by you. I ran HijackThis again. Ewido and HijackThis logs are provided below:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:03:28 AM, 3/19/2006
+ Report-Checksum: 95028695

+ Scan result:

HKU\.DEFAULT\Software\_rtneg2 -> Adware.Begin2Search : Cleaned with backup
HKU\.DEFAULT\Software\_rtneg2\eeennn -> Adware.Begin2Search : Cleaned with backup
HKU\.DEFAULT\Software\_rtneg2\kkws -> Adware.Begin2Search : Cleaned with backup
HKU\.DEFAULT\Software\_rtneg2\ppops -> Adware.Begin2Search : Cleaned with backup
HKU\.DEFAULT\Software\_rtneg2\reel -> Adware.Begin2Search : Cleaned with backup
HKU\.DEFAULT\Software\_rtneg2\ssites -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2 -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2\eeennn -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2\kkws -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2\ppops -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2\reel -> Adware.Begin2Search : Cleaned with backup
HKU\S-1-5-18\Software\_rtneg2\ssites -> Adware.Begin2Search : Cleaned with backup
C:\WINDOWS\eeybzs.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned with backup
C:\WINDOWS\system32\cache32_rtneg2 -> Adware.Begin2Search : Cleaned with backup
C:\WINDOWS\system32\u6f6uftuc.ini -> Adware.Sahat : Cleaned with backup
C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning


::Report End
--------------------------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:12:19 AM, on 3/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\spoolsv.exe
c:\sdwork\issimsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\soft602\pdfSaver.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files\D-Link\AirPlus G Wireless Adapter Utility\AirPlus.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy.att.com:8000
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files\Common Files\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O4 - Global Startup: D-Link AirPlus G Wireless Utility.lnk = ?
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\avantail\connect\asnsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O10 - Unknown file in Winsock LSP: c:\avantail\connect\aslsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://us8l.hpwis.com
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://activation.rr...oad/tgctlcm.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.aajtak.co...er/tdserver.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {95EEE69E-27B4-4D13-BD32-766617A16909} (NDTVVideo.MPlayer) - http://www.ndtv.com/...TVseekvideo.CAB
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real...ArcadeRdxIE.cab
O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - http://h30155.www3.h...rt/SysQuery.cab
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Global Services - c:\sdwork\issimsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--------------------------------------------------------------------------------------------------------------------------

Please advise what I should do now.
Thanks again,
Ajit

#5
Antartic-Boy

-----------------------1

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then Click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\WINDOWS\Temp\DrTemp\bho_prob.exe

  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

-----------------------2

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report along with a fresh Ewido Log.

#6
ajit

Hi Antartic-Boy,
I have received "PendingFileRenameOperations Registry Data has been Removed by External Process!" while running KillBox. Then I restarted my computer manually and scanned online using Panda as per your instructions.

ActiveScan log:
-----------------------------------------------------------------------------

Incident Status Location

Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/ipinsight Not disinfected C:\WINDOWS\INF\polall1r.inf
Adware:adware/virtualbouncer Not disinfected Windows Registry
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.belnk.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/go Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.go.com/]
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.azjmp.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[hc2.humanclick.com/hc/24449606]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[hc2.humanclick.com/hc/24449606]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.atwola.com/]
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.did-it.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[.fortunecity.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[searchportal.information.com/]
Spyware:Spyware/BetterInet Not disinfected C:\!KillBox\bho_prob.exe
Spyware:Spyware/BetterInet Not disinfected C:\!KillBox\bho_prob.exe( 1)
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[24449606]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[]
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[24449606]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt[]
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\LocalService\Cookies\system@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\LocalService\Cookies\system@888[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
Spyware:Cookie/BetterInet Not disinfected C:\Documents and Settings\LocalService\Cookies\system@a[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\LocalService\Cookies\system@cassava[1].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\LocalService\Cookies\system@offeroptimizer[2].txt
Spyware:Cookie/Transponder Not disinfected C:\Documents and Settings\LocalService\Cookies\[email protected][2].txt
Adware:Adware/Transponder Not disinfected C:\WINDOWS\inf\polall1r.inf
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\system32\abasa5jrp.ini
Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\system32\hochkaod3.ini
Spyware:Spyware/Omi Not disinfected C:\WINDOWS\system32\msfdje.gif
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\Temp\DrTemp\bho_prob.exe


Fresh Ewido logs:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:47:23 PM, 3/19/2006
+ Report-Checksum: 6366529

+ Scan result:

:mozilla.25:C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.27:C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning

::Report End

Please let me know further action to do.
Thanks
  • 0
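
The ewido reports posted in this thread use one line format per finding (`object -> detection : action`), and the same file keeps coming back with "Error during cleaning". As an added example (not part of any post in this thread, and not ewido's own tooling), the script below parses such reports and lists findings that were not cleaned and that recur across scans; the line format is inferred from the reports above, and the function names are this example's own.

```python
import re
from collections import Counter

# Excerpts (shortened) from the two ewido reports posted in this thread.
REPORT_MAR19_AM = r"""
+ Created on: 12:03:28 AM, 3/19/2006
+ Report-Checksum: 95028695

+ Scan result:

HKU\.DEFAULT\Software\_rtneg2 -> Adware.Begin2Search : Cleaned with backup
C:\WINDOWS\eeybzs.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned with backup
C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning

::Report End
"""

REPORT_MAR19_PM = r"""
+ Created on: 5:47:23 PM, 3/19/2006
+ Report-Checksum: 6366529

+ Scan result:

:mozilla.25:C:\Documents and Settings\AJIT BARNWAL\Application Data\Mozilla\Firefox\Profiles\4t60ve8p.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning

::Report End
"""

# One finding per line: "<object> -> <detection> : <action>".
# Cookie findings carry a ":mozilla.N:" prefix naming the record in the cookie store.
ENTRY = re.compile(
    r"^(?::(?P<store>[\w.]+):)?"
    r"(?P<path>.+?) -> "
    r"(?P<detection>\S+) : "
    r"(?P<action>.+)$"
)
CREATED = re.compile(r"^\+ Created on: (?P<when>.+)$")


def parse_report(text):
    """Return the scan timestamp and the list of findings in one report."""
    report = {"created": None, "entries": []}
    for line in text.splitlines():
        line = line.strip()
        m = CREATED.match(line)
        if m:
            report["created"] = m.group("when")
            continue
        m = ENTRY.match(line)
        if not m:
            continue  # header, separator or blank line
        path = m.group("path")
        if m.group("store"):
            kind = "cookie"
        elif path.upper().startswith(("HKU\\", "HKLM\\", "HKCU\\")):
            kind = "registry"
        else:
            kind = "file"
        report["entries"].append({
            "kind": kind,
            "store": m.group("store"),
            "path": path,
            "detection": m.group("detection"),
            "action": m.group("action"),
        })
    return report


def unresolved(report):
    """Findings whose action is anything other than 'Cleaned ...'."""
    return [e for e in report["entries"]
            if not e["action"].lower().startswith("cleaned")]


def persistent_failures(reports):
    """Paths left uncleaned in more than one report, with the number of reports."""
    counts = Counter()
    for report in reports:
        # Windows paths are case-insensitive; count each path once per report.
        counts.update({e["path"].lower() for e in unresolved(report)})
    return {path: n for path, n in counts.items() if n > 1}


if __name__ == "__main__":
    reports = [parse_report(REPORT_MAR19_AM), parse_report(REPORT_MAR19_PM)]
    for r in reports:
        for e in unresolved(r):
            print(r["created"], e["kind"], e["path"], e["detection"], e["action"])
    print(persistent_failures(reports))
```

A path that shows up in `persistent_failures` is the one to handle by other means, which is what the later Killbox and safe-mode instructions in this thread are aimed at.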

#7
Antartic-Boy

I'll post my instructions later.

Edited by Antartic-Boy, 20 March 2006 - 12:14 AM.


#8
Antartic-Boy

Download and run this and post me a fresh Ewido Log.

#9
ajit

Thank God, you are back!

I have scanned my laptop online using FixBinet.exe. But after executing this, my internet configuration was damaged and I was unable to browse the internet, so I restored back to a restore point (using the Windows XP feature). Now the browser is working again. Logs from the FixBinet.exe are below:

-----------------------------------------------------------------------------------
Symantec Adware.BetterInternet Removal Tool 1.1.3


C:\System Volume Information: (not scanned)
C:\WINDOWS\Temp\ASHeuristic: (not scanned)
C:\WINDOWS\Temp\DrTemp\bho_prob.exe: (WARNING: not deleted for an unknown reason)

The Adware.BetterInternet removal was unsuccessful.
The tool could not delete one Adware.BetterInternet file from your PC.
Please boot into Safe mode and run this tool again.
Files that could not be repaired or deleted by this tool must be removed
manually. Check the log file for a list of files that could not be deleted.
If you need more information to assist you in performing any of the above tasks,
you may search our Knowledge Base at
http://www.symantec.com/search/

Here is the report:

The total number of the scanned files: 62542
The number of deleted files: 0
The number of threat processes terminated: 0
The number of registry entries fixed: 0
-----------------------------------------------------------------------------------

Then I executed Ewido. Sending the Ewido log below:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:25:52 PM, 3/29/2006
+ Report-Checksum: EB7B1F13

+ Scan result:

C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning


::Report End
----------------------------------------------------------------------------------------------------------------------------

Please let me know next action.
Thanks,
  • 0
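As an added example (not part of the original posts), here is a triage script for the two log formats pasted in the post above. It separates tracking-cookie hits from file detections and flags any path that more than one tool failed to remove. The sample lines are constructed in those formats, and all function and field names are this example's own.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# ewido report line:  <object> -> <Detection.Name> : <status>
EWIDO_LINE = re.compile(r"^(?P<obj>.+?) -> (?P<detection>\S+) : (?P<status>.+)$")
# Cookie entries are prefixed with ":<store>.<index>:" before the file path.
COOKIE_OBJ = re.compile(r"^:(?P<store>[^:]+):(?P<path>.+)$")
# FixBinet log line:  <path>: (<note>)
FIXBINET_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?): \((?P<note>.+)\)$")

# Constructed sample in the two formats; user and profile names are placeholders.
SAMPLE = r"""
C:\System Volume Information: (not scanned)
C:\WINDOWS\Temp\DrTemp\bho_prob.exe: (WARNING: not deleted for an unknown reason)
:mozilla.16:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.20:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.21:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
C:\WINDOWS\Temp\DrTemp\bho_prob.exe -> Adware.BetterInternet : Error during cleaning
"""


@dataclass(frozen=True)
class Finding:
    tool: str                  # "ewido" or "fixbinet"
    path: str
    detection: Optional[str]   # FixBinet lines carry no detection name
    status: str
    store: Optional[str] = None  # e.g. "mozilla.16" for a cookie entry


def parse_logs(text):
    """Return a Finding for every result line in either log format."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        m = EWIDO_LINE.match(line)
        if m:
            obj, store = m["obj"], None
            c = COOKIE_OBJ.match(obj)
            if c:
                store, obj = c["store"], c["path"]
            findings.append(
                Finding("ewido", obj, m["detection"], m["status"].strip(), store))
            continue
        m = FIXBINET_LINE.match(line)
        if m:
            findings.append(Finding("fixbinet", m["path"], None, m["note"]))
    return findings


def classify(f):
    """Bucket a finding: skipped, unresolved, cookie, or cleaned."""
    status = f.status.lower()
    if status.startswith("not scanned"):
        return "skipped"
    if not status.startswith("cleaned"):
        return "unresolved"   # covers "Error during cleaning" and "WARNING: not deleted"
    if (f.detection or "").startswith("TrackingCookie."):
        return "cookie"
    return "cleaned"


def triage(findings):
    """Summarise cookie noise and list files that still need manual follow-up."""
    cookies = Counter()
    failed = {}               # lower-cased path -> set of tools that failed on it
    for f in findings:
        kind = classify(f)
        if kind == "cookie":
            cookies[f.detection.split(".", 1)[1]] += 1
        elif kind == "unresolved":
            # Windows paths are case-insensitive, so normalise before correlating.
            failed.setdefault(f.path.lower(), set()).add(f.tool)
    return {
        "cookie_families": cookies,
        "unresolved": failed,
        "needs_followup": sorted(p for p, tools in failed.items() if len(tools) > 1),
    }


if __name__ == "__main__":
    report = triage(parse_logs(SAMPLE))
    print("Cookie hits by family:", dict(report["cookie_families"]))
    for path in report["needs_followup"]:
        print("Failed in multiple tools:", path, sorted(report["unresolved"][path]))
```
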

#10
Antartic-Boy

    Visiting Staff

  • Visiting Consultant
  • 1,120 posts
Please download WebRoot SpySweeper from HERE (It's a 2 week trial):
  • Click Download Now to download the program.
  • Install it. Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Options on the left side.
  • Click the Sweep Options tab.
  • Under What to Sweep please put a check next to the following:
    • Sweep Memory
    • Sweep Registry
    • Sweep Cookies
    • Sweep All User Accounts
    • Enable Direct Disk Sweeping
    • Sweep Contents of Compressed Files
    • Sweep for Rootkits
    • Please UNCHECK Do not Sweep System Restore Folder.
  • Click Sweep Now on the left side.
  • Click the Start button.
  • When it's done scanning, click the Next button.
  • Make sure everything has a check next to it, then click the Next button.
  • It will remove all of the items found.
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.

  • 0

#11
ajit

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi Antartic-Boy,
Thanks a ton for your patience and consistent help! I could remove ABetterInternet this time successfully using Webroot Spy Sweeper. Thank you very much once again.

Cheers,
Ajit
  • 0

#12
Antartic-Boy

    Visiting Staff

  • Visiting Consultant
  • 1,120 posts
----------------------->

Great job, it appears your logfile is clean. :whistling:

The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
  • Spybot Search & Destroy - Uber powerful tool which can search and annihilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  • AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy complement each other very well.
  • SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  • SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  • IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  • CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • Google Toolbar - Free Google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop-up windows.
  • Trillian or Miranda-IM - These are malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections, you can read this article by Tony Klein.
  • 0

#13
Antartic-Boy

    Visiting Staff

  • Visiting Consultant
  • 1,120 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :whistling:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
