Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

TrojanSPM/LX


  • Please log in to reply

#16
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
We can fix that error I believe.


Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)

O2 - BHO: (no name) - {AD4F25AE-3F85-44FF-A6BC-DECBA5EB7134} - C:\WINDOWS\system32\mlljh.dll (file missing)

O2 - BHO: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)

O2 - BHO: (no name) - {F18F04B0-9CF1-4b93-B004-77A288BEE28B} - C:\WINDOWS\system32\lhsyulng.dll (file missing)

O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)

O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvjaz.dll,startup

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button



Scan fresh with ComboFix and Post that log in the next reply please.
  • 0

Advertisements


#17
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Her Majesty - 06-11-12 17:52:41.68 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Her Majesty\My Documents\Stuff\Virus Fixes"

((((((((((((((((((((((((((((((( Files Created from 2006-10-12 to 2006-11-12 ))))))))))))))))))))))))))))))))))


2006-11-12 17:21 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-11-12 17:21 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-11-12 17:21 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-11-12 17:21 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-11-09 22:10 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-09 17:10 90,112 --a------ C:\WINDOWS\system32\mcrtl32.dll
2006-11-09 17:10 32,768 --a------ C:\WINDOWS\system32\instlsp.exe
2006-11-09 17:10 131,072 --a------ C:\WINDOWS\system32\mclsp.dll
2006-11-09 17:10 11,264 --a------ C:\WINDOWS\system32\sporder.dll
2006-11-07 15:14 40,973 ---hs---- C:\WINDOWS\system32\rqrqqpn.dll
2006-10-28 18:46 57,344 --a------ C:\WINDOWS\system32\Wnaspint.dll
2006-10-17 12:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-17 12:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-17 12:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-17 12:33 180,736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-17 12:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 11:58 61,952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 18:54 56 -r-hs---- C:\WINDOWS\system32\078BE27FC8.sys
2006-10-13 18:54 4,182 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-12 17:51 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-12 17:51 -------- d-------- C:\Program Files\Hijackthis
2006-11-12 16:30 -------- d-------- C:\Program Files\Common Files
2006-11-12 16:25 -------- d-------- C:\Program Files\Mozilla Thunderbird
2006-11-12 02:18 -------- d-------- C:\Program Files\Common Files\Sonic Shared
2006-11-11 23:06 -------- d-------- C:\Program Files\Symantec
2006-11-11 23:06 -------- d-------- C:\Program Files\Norton Internet Security
2006-11-11 23:06 -------- d-------- C:\Program Files\Norton AntiVirus
2006-11-11 23:06 -------- d-------- C:\Program Files\Common Files\Symantec Shared(2)
2006-11-11 17:24 -------- d-------- C:\Program Files\WinZip
2006-11-09 23:50 -------- d-------- C:\Program Files\QuickTime
2006-11-09 23:45 -------- d-------- C:\Program Files\Internet Explorer
2006-11-09 23:45 -------- d-------- C:\Program Files\Digital Line Detect
2006-11-09 23:45 -------- d-------- C:\Program Files\Dell Support
2006-11-09 23:44 -------- d-------- C:\Program Files\Common Files\System
2006-11-09 22:20 -------- d-------- C:\Program Files\VSAdd-in
2006-11-09 22:10 -------- d-------- C:\Program Files\Grisoft
2006-11-09 18:41 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Adobe
2006-11-09 18:13 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Lavasoft
2006-11-09 18:10 -------- d-------- C:\Program Files\Lavasoft
2006-11-09 17:11 -------- d-------- C:\Program Files\McAfee.com
2006-11-08 13:26 -------- d-------- C:\Program Files\Common Files\Adobe
2006-11-08 13:24 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-08 13:24 -------- d-------- C:\Program Files\Adobe
2006-11-07 21:18 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\AdobeUM
2006-11-07 15:26 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\SearchToolbarCorp
2006-11-06 02:31 -------- d-------- C:\Program Files\iTunes
2006-11-06 02:31 -------- d-------- C:\Program Files\iPod
2006-10-28 19:51 -------- d-------- C:\Program Files\Acoustica MP3 CD Burner
2006-10-21 23:46 -------- d-------- C:\Program Files\Sonic
2006-10-21 15:04 -------- d-------- C:\Program Files\Apple Software Update
2006-10-17 12:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-17 12:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-17 12:33 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 12:01 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-17 12:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-17 12:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-17 12:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-17 12:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-17 12:01 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-17 12:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-17 12:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-17 12:00 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-17 01:54 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Apple Computer
2006-10-13 18:54 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Corel Photo Album
2006-10-08 19:34 -------- d---s---- C:\Documents and Settings\Her Majesty\Application Data\Microsoft
2006-10-08 14:40 -------- d-------- C:\Program Files\Windows Media Player
2006-10-08 14:40 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-10-08 00:40 -------- d-------- C:\Program Files\JetAudio
2006-10-08 00:40 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\COWON
2006-10-03 23:40 1755136 --ahs---- C:\Program Files\ehthumbs.db
2006-10-03 18:04 -------- d-------- C:\Program Files\filesubmit
2006-10-03 14:15 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\McAfee.com Personal Firewall
2006-09-30 16:11 -------- d-------- C:\Program Files\Common Files\SWF Studio
2006-09-30 14:36 -------- d-------- C:\Program Files\Zone Labs
2006-09-30 14:30 -------- d-------- C:\Program Files\Outlook Express
2006-09-29 20:32 -------- d-------- C:\Program Files\Common Files\Blizzard Entertainment
2006-09-29 20:21 -------- d-------- C:\Program Files\Common Files\Adobe Systems Shared
2006-09-29 20:19 -------- d-------- C:\Program Files\WinRAR
2006-09-29 20:18 -------- d-------- C:\Program Files\Microsoft Office
2006-09-29 20:18 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-29 20:18 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-09-29 20:18 -------- d-------- C:\Program Files\Common Files\Designer
2006-09-29 19:34 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Toshiba
2006-09-29 19:32 -------- d-------- C:\Program Files\PictureProject In Touch Downloader
2006-09-29 19:30 -------- d-------- C:\Program Files\Nikon
2006-09-29 19:29 -------- d-------- C:\Program Files\MSXML 4.0
2006-09-29 19:29 -------- d-------- C:\Program Files\Common Files\Nikon
2006-09-29 19:29 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Nikon
2006-09-29 19:28 -------- d-------- C:\Program Files\Common Files\muvee Technologies
2006-09-29 19:26 -------- d-------- C:\Program Files\ArcSoft
2006-09-29 19:22 -------- d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files
2006-09-29 19:22 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-09-29 19:19 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Skype
2006-09-29 19:17 -------- d-------- C:\Program Files\Skype
2006-09-29 19:13 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Thunderbird
2006-09-29 19:11 -------- d-------- C:\Program Files\Common Files\COWON
2006-09-29 19:00 -------- d-------- C:\Program Files\Yahoo!
2006-09-29 18:56 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Macromedia
2006-09-29 18:53 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\acccore
2006-09-29 18:52 -------- d-------- C:\Program Files\Common Files\AOL
2006-09-29 18:52 -------- d-------- C:\Program Files\AOL
2006-09-29 18:52 -------- d-------- C:\Program Files\AOD
2006-09-29 18:52 -------- d-------- C:\Documents and Settings\Her Majesty\Application Data\Mozilla
2006-09-29 18:46 -------- d-------- C:\Program Files\LimeWire
2006-09-29 18:46 -------- d-------- C:\Program Files\Java
2006-09-29 18:38 -------- d-------- C:\Program Files\Last.fm
2006-09-29 18:19 -------- d-------- C:\Program Files\Samsung
2006-09-29 16:07 -------- d-------- C:\Program Files\Common Files\Intuit
2006-09-29 16:04 -------- d-------- C:\Program Files\MUSICMATCH
2006-09-29 16:02 -------- d-------- C:\Program Files\Google
2006-09-13 00:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-06 16:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-08-25 10:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-08-24 21:30 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-08-24 21:30 990208 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-08-24 21:30 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-08-24 21:30 8337920 --a------ C:\WINDOWS\system32\wmploc.dll
2006-08-24 21:30 790016 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-08-24 21:30 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-08-24 21:30 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-08-24 21:30 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-08-24 21:30 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-08-24 21:30 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-08-24 21:30 611840 --------- C:\WINDOWS\system32\wmpmde.dll
2006-08-24 21:30 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-08-24 21:30 537600 --a------ C:\WINDOWS\system32\blackbox.dll
2006-08-24 21:30 532992 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2006-08-24 21:30 428032 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-08-24 21:30 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-08-24 21:30 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-08-24 21:30 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-08-24 21:30 349184 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-08-24 21:30 347648 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-08-24 21:30 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-08-24 21:30 320512 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-08-24 21:30 316928 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-08-24 21:30 314368 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-08-24 21:30 305152 --------- C:\WINDOWS\system32\MSDelta.dll
2006-08-24 21:30 295424 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-08-24 21:30 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-08-24 21:30 276480 --a------ C:\WINDOWS\system32\audiodev.dll
2006-08-24 21:30 27648 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-08-24 21:30 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-08-24 21:30 2589184 --------- C:\WINDOWS\system32\WpdShext.dll
2006-08-24 21:30 258560 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-08-24 21:30 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-08-24 21:30 242176 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-08-24 21:30 228352 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-08-24 21:30 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-08-24 21:30 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-08-24 21:30 211968 --a------ C:\WINDOWS\system32\MFPLAT.dll
2006-08-24 21:30 210432 --a------ C:\WINDOWS\system32\qasf.dll
2006-08-24 21:30 204800 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-08-24 21:30 198144 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-08-24 21:30 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-08-24 21:30 175104 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-08-24 21:30 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-08-24 21:30 1660416 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-08-24 21:30 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-08-24 21:30 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-08-24 21:30 1539584 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-08-24 21:30 1532416 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-08-24 21:30 1392128 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-08-24 21:30 133120 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-08-24 21:30 1327616 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-08-24 21:30 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-08-24 21:30 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-08-24 21:30 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-08-24 21:30 1118208 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-08-24 21:30 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-08-24 19:31 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-08-24 19:27 249344 --a------ C:\WINDOWS\system32\drmupgds.exe
2006-08-24 19:26 95288 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-08-24 19:26 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-08-24 18:19 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-08-24 18:19 145920 --------- C:\WINDOWS\system32\WudfHost.exe
2006-08-24 18:18 56320 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-08-24 18:18 168448 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-08-21 07:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 04:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 06:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ModemOnHold"="C:\\Program Files\\NetWaiting\\netWaiting.exe"
"DellSupport"="\"C:\\PROGRA~1\\DELLSU~1\\DSAgnt.exe\" /startup"
"Aim6"=""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe\""
@=""
"IntelWireless"="C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless"
"SigmatelSysTrayApp"="stsystra.exe"
"Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1159573950\\ee\\AOLSoftware.exe"
"IPHSend"="C:\\Program Files\\Common Files\\AOL\\IPHSend\\IPHSend.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"MPSExe"="c:\\PROGRA~1\\mcafee.com\\mps\\mscifapp.exe /embedding"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (MEGALOMANIAC-Her Majesty).job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-11-12 17:53:45.14
C:\ComboFix.txt ... 06-11-12 17:53
C:\ComboFix2.txt ... 06-11-12 16:32
  • 0

#18
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Look in Add\Remove Programs and Remove VSAdd-in if found

Delete this folder--> C:\Program Files\VSAdd-in

  • Double-click VundoFix.exe to run it again.
  • Right Click inside the listbox (white box) and click add more files
  • Copy&Paste the entries below into the open boxes
    • C:\WINDOWS\system32\rqrqqpn.dll
  • Click Add Files and Click Close Window
  • Click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt

Note: It is possible that VundoFix encountered a file it could not remove.

In this case, VundoFix will run on reboot,allow the computer to reboot and VundoFix to load.

Just add the very same files as before and Click Remove Vundo.



Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!
  • Follow the Instruction on the F-Secure page for proper installation.
  • Accept the License Agreement.
  • Once the ActiveX installs,Click Full System Scan
  • Once the download completes,the scan will begin automatically.
  • The scan will take some time to finish,so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply along with vundofix.txt

  • 0

#19
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
VundoFix log:


VundoFix V6.2.8

Checking Java version...

Java version is 1.4.2.3

Java version is 1.5.0.8

Scan started at 4:48:45 PM 11/12/2006

Listing files found while scanning....

C:\WINDOWS\system32\winrkp32.dll
C:\WINDOWS\system32\mlljh.dll
C:\WINDOWS\system32\hjllm.ini
C:\WINDOWS\system32\hjllm.bak1
C:\WINDOWS\system32\hjllm.bak2
C:\WINDOWS\system32\hjllm.ini2
C:\WINDOWS\system32\hjllm.tmp

Beginning removal...

Attempting to delete C:\WINDOWS\system32\winrkp32.dll
C:\WINDOWS\system32\winrkp32.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mlljh.dll
C:\WINDOWS\system32\mlljh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hjllm.ini
C:\WINDOWS\system32\hjllm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\hjllm.bak1
C:\WINDOWS\system32\hjllm.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\hjllm.bak2
C:\WINDOWS\system32\hjllm.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\hjllm.ini2
C:\WINDOWS\system32\hjllm.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\hjllm.tmp
C:\WINDOWS\system32\hjllm.tmp Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.2.8

Checking Java version...

Java version is 1.4.2.3

Java version is 1.5.0.8

Scan started at 7:28:58 PM 11/12/2006

Listing files found while scanning....

No infected files were found.


Beginning removal...

Attempting to delete C:\WINDOWS\system32\rqrqqpn.dll
C:\WINDOWS\system32\rqrqqpn.dll Has been deleted!

Performing Repairs to the registry.
Done!






F-Secure Log:

Scanning Report
Sunday, November 12, 2006 21:32:28 - 22:25:02

Computer name: MEGALOMANIAC
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\
Result: 3 malware found
Tracking Cookie (spyware)

* System (Disinfected)
* System
* System

Statistics
Scanned:

* Files: 35361
* System: 4856
* Not scanned: 5

Actions:

* Disinfected: 1
* Renamed: 0
* Deleted: 0
* None: 2
* Submitted: 0

Files not scanned:

* C:\HIBERFIL.SYS
* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\PROCESS.EXE
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AD391678A806EC4D691E83AAA393B6F_24ADF822-76F7-4481-B30B-FF1B40F8687F

Options
Scanning engines:

* F-Secure Libra: 2.4.2, 2006-11-10
* F-Secure AVP: 7.0.171, 2006-11-10
* F-Secure Orion: 1.2.37, 2006-11-10
* F-Secure Blacklight: 1.0.31, 0000-00-00
* F-Secure Draco: 1.0.35, 2006-11-02
* F-Secure Pegasus: 1.19.0, 2006-08-29

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX
* Use Advanced heuristics

Copyright © 1998-2006 Product support |Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.
  • 0

#20
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I did a virus scan with McAfee and it says that Vundo is a Trojan....
  • 0

#21
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Also, I am unable to enable my virus protection. My guess is that it may have something to do with the Trojan.
  • 0

#22
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
It is possible you may need to uninstall and reinstall your Antivirus software as the trojans you had may have made some unwanted changes to disable it.


Please run the Bit Defender Online Scan
http://www.bitdefend...m/scan8/ie.html

You must use Internet Explorer for this scanner.

Install the ActiveX and Click on "Click here to Scan"

Allow it to update and Scan the Machine.

It should disinfect or delete whatever it finds that is infected.

Save the report in generates in a text format please and post it back here along with a fresh HijackThis log.
  • 0

#23
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
BitDefender Online Scanner - Real Time Virus Report







Generated at: Mon, Nov 13, 2006 - 13:57:52









Scan Info







Scanned Files


494361

Infected Files


0















Virus Detected







No virus found.

























This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.








Logfile of HijackThis v1.99.1
Scan saved at 1:58:14 PM, on 11/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Common Files\AOL\1159573950\ee\AOLSoftware.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FriendAdder Combo Pack\Friend Adder\FriendAdder.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://desktop.googl...back.html?hl=en
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1159573950\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [CleanUp] C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /cleanup
O4 - HKLM\..\RunOnce: [vsoupd.dll] rundll32.exe advpack.dll,RegisterOCX c:\PROGRA~1\mcafee.com\vso\vsoupd.dll
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-sec.../ols3/fscax.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NkPtpEnumP2 - Unknown owner - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe" -a -d="C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpip.dll (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
  • 0

#24
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
I like those results,have you been able to resolve the issue with your antivirus?


Please update AVG Anti-Spyware with the latest definitions and restart the PC in Safe Mode.

Scan with AVG--> clean all it finds and be sure to save the report.


Restart in Normal mode and post that report please.
  • 0

#25
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:34:44 PM 11/13/2006

+ Scan result:



:mozilla.326:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.327:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.328:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.335:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.336:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.337:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.338:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.339:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.340:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.341:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.395:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.482:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.725:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.263:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.264:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.265:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.266:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.363:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.502:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.750:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.275:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.276:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.277:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.278:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.279:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.280:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.289:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.290:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.318:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.377:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.378:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.384:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.385:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.405:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.409:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.411:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.440:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.493:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.528:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.557:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.558:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.712:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.734:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.735:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.699:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.702:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.23:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.24:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.26:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.27:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.28:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.96:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.267:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.726:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.449:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.71:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.72:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.73:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.74:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.75:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.76:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.77:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.78:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.79:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.353:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.604:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.610:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.611:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.612:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.613:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.98:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.296:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.297:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.298:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.299:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.56:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.57:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.58:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.59:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.60:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.61:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.62:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.534:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.524:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.525:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.526:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.538:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.122:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.499:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.247:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.248:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.249:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.527:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Realtracker : No action taken.
:mozilla.506:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.508:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.509:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.510:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.511:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.445:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.324:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.325:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.329:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.330:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.331:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.332:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.333:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.334:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.535:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Spylog : No action taken.
:mozilla.254:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.255:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.362:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.364:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.365:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.366:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.367:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.368:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.123:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.113:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.114:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.115:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.116:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.117:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.118:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.119:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.120:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.121:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.63:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.64:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.65:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.66:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.67:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.68:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.69:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.70:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][2].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.554:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.45:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.46:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.47:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.48:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.49:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.50:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.51:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.52:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.53:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Her Majesty\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.420:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.421:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.427:C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


::Report end
  • 0

Advertisements


#26
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Open Firefox and Click Tools--> Options--> Privacy

Click Clear by everything but Saved Passwords


Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post along with a fresh HijackThis log.

  • 0

#27
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I didn't get the option to save the text file. Then again, I wasn't home when it finished, but I would imagine that it would still be there once I got back.


1 virus found
4 infected objects
  • 0

#28
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I re-scanned, and here's the report I got:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, November 13, 2006 11:17:00 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 14/11/2006
Kaspersky Anti-Virus database records: 241138
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 72428
Number of viruses found: 1
Number of infected objects: 4 / 0
Number of suspicious objects: 0
Duration of the scan process: 01:04:55

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee\SpamKiller\Logs\Filtering.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd000.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee.com\VSO\OASLogs\OAS.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall\data\HwLocal.xdb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\cert8.db Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\history.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\key3.db Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\parent.lock Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\abook.mab Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\cert8.db Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\key3.db Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\Mail\Local Folders\Inbox.msf Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\Mail\Local Folders\Junk.msf Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\Mail\Local Folders\Templates.msf Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\Mail\Local Folders\Trash.msf Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\panacea.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Application Data\Thunderbird\Profiles\xxdbxj60.default\parent.lock Object is locked skipped
C:\Documents and Settings\Her Majesty\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Application Data\Mozilla\Firefox\Profiles\o7jnp0ss.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\History\History.IE5\MSHist012006111320061114\index.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Temp\Perflib_Perfdata_15c8.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Temp\~DFAD0B.tmp Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\ntuser.dat Object is locked skipped
C:\Documents and Settings\Her Majesty\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\billing_Her Majesty.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\client_Her Majesty.log Object is locked skipped
C:\Program Files\Yahoo!\Messenger\logs\network_Her Majesty.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP62\A0016260.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP62\A0016938.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP62\A0017084.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP64\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{D0EAC0C4-C035-4BA7-A731-675F55243578}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{225F55EC-343A-4FBB-8B7F-382E9F55E573}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\sqlite_QNvcrUAaiJEE0fJ Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
  • 0

#29
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
That all looks OK,whats there is trapped inside System Restore and we will fix that before closing this post.


Please post an uninstall list,
  • Start HijackThis
  • Click on the Config button
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
  • Click on the Save list... button and specify where you would like to save this file.
  • When you press Save button a notepad will open with the contents of that file.
  • Simply copy and paste the contents of that notepad into this topic please.

Please Install these 2 to add to the Security of the PC

SpywareBlaster:
http://www.javacools.../downloads.html
Update Immediatly!

WinHelp2002 Hosts File
http://www.mvps.org/...2002/hosts2.htm


How is the PC running today?
  • 0

#30
GirlsDoItToo

GirlsDoItToo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
So far things are running smoothly. Thank you so much for your help, you've been wonderful!


Acoustica MP3 CD Burner
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop
Adobe Photoshop CS2
Adobe Reader 6.0.1
Adobe Stock Photos 1.0
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
Apple Software Update
ArcSoft Panorama Maker 3
AVG Anti-Spyware 7.5
Bluetooth Stack for Windows by Toshiba
Broadcom Management Programs
Conexant HDA D110 MDC V.92 Modem
Corel Photo Album 6
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Support 3.1
Digital Line Detect
ESPNMotion
FriendAdder Combo Pack
GemMaster Mystic
High Definition Audio Driver Package - KB835221
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB915865)
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
Internal Network Card Power Management
iPod for Windows 2005-09-06
iTunes
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
jetAudio Basic
Kaspersky Online Scanner
Last.fm 1.0.7
Learn2 Player (Uninstall Only)
LimeWire 4.12.6
Macromedia Flash Player
McAfee Uninstaller
mCore
MCU
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Beta2)
mIWA
mIWCA
mLogView
mMHouse
Mozilla Firefox (1.5.0.8)
Mozilla Thunderbird (1.5.0.8)
mPfMgr
mPfWiz
mProSafe
mSSO
MSXML 4.0 SP2 Parser and SDK
mToolkit
Musicmatch for Windows Media Player
mWlsSafe
mXML
mZConfig
NetZeroInstallers
Nikon Message Center
OIN
Otto
Panda ActiveScan
PictureProject
PictureProject In Touch Downloader 1.0
PowerDVD 5.5
QuickSet
QuickTime
RealPlayer Basic
Samsung USB Driver (MCCI 4.16)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Skype 2.5
SmartFTP Client 2.0
SmartFTP Client 2.0 Setup Files (remove only)
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Synaptics Pointing Device Driver
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
VSAdd-in for Internet Explorer
WebCyberCoach 3.2 Dell
WildTangent Web Driver
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Media Center Edition 2005 KB908246
WinRAR archiver
WinZip
Wireless Camera Setup Utility
WordPerfect Office 12
World of Warcraft
Yahoo! Messenger
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP