
I have antivermins



#1
asoul576

I have already read posts and done the things that have been recommended. Here are the logs I have run.

HijackThis ...

Logfile of HijackThis v1.99.1
Scan saved at 9:24:58 PM, on 12/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1148429173\ee\AOLSoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\Roger Ferguson\Desktop\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Documents and Settings\Roger Ferguson\Desktop\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\New Folder\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1148429173\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Roger Ferguson\Desktop\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...ex/qtplugin.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.h...DataManager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} (AOL Content Update) - http://esupport.aol....oach_core_1.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Roger Ferguson\Desktop\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect Helper - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

SmitFraudFix ...

SmitFraudFix v2.130

Scan done at 16:20:33.71, Sun 12/17/2006
Run from C:\Documents and Settings\Roger Ferguson\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}"="haematobia"

[HKEY_CLASSES_ROOT\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}\InProcServer32]
@="C:\WINDOWS\system32\hjpprpu.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}\InProcServer32]
@="C:\WINDOWS\system32\hjpprpu.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}"="haematobia"

[HKEY_CLASSES_ROOT\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}\InProcServer32]
@="C:\WINDOWS\system32\hjpprpu.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3c767c6b-602d-4b9b-829d-a3dc5b2d89dd}\InProcServer32]
@="C:\WINDOWS\system32\hjpprpu.dll"



»»»»»»»»»»»»»»»»»»»»»»»» End

AVG Anti-Spyware ...

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:14:45 PM 12/17/2006

+ Scan result:



HKU\S-1-5-21-3114203540-3615075682-2210715209-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A1DDC19-5893-43AB-A73F-F41A0F34D115} -> Adware.Generic : Cleaned with backup (quarantined).


::Report end

I have followed all the steps that have been given to others and I still keep getting that pop-up, "System alertt; detected virus activity."

Please help?

Thank you,
Roger
  • 0



#2
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
This is the panda ...

Incident Status Location

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][3].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\[email protected][1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Roger Ferguson\Cookies\[email protected][2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Roger Ferguson\Desktop\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Roger Ferguson\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][3].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
Possible Virus. Not disinfected C:\WINDOWS\system32\hjpprpu.dll
Spyware:Cookie/adultfriendfinder Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Atwola Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][2].txt
Spyware:Cookie/Azjmp Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][2].txt
Spyware:Cookie/Belnk Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Ccbill Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][2].txt
Spyware:Cookie/Cgi-bin Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][3].txt
Spyware:Cookie/360i Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/did-it Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][2].txt
Spyware:Cookie/Humanclick Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Screensavers Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/DomainSponsor Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Searchportal Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Toplist Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Seeq Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/Xiti Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\roger [email protected][1].txt
Spyware:Cookie/FortuneCity Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\[email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected F:\Documents and Settings\Roger Ferguson\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][3].txt
Spyware:Cookie/Atwola Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
Spyware:Cookie/OfferOptimizer Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected F:\Documents and Settings\Roger Ferguson\Local Settings\Temp\Cookies\roger [email protected][2].txt
  • 0

#3
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Click here to download Pocket Killbox by Option^Explicit. Extract it from the zip file then double-click on Killbox.exe to run it.

Select the Delete on reboot option.

In the 'Full Path of File to Delete' box, copy and paste the following, clicking the 'Delete File' button (red circle with a white X) after pasting:

C:\WINDOWS\system32\hjpprpu.dll

It will prompt you to reboot, press the YES button.

Let me know if that stops it.
  • 0
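One way to separate the single actionable row in a report like the Panda one above from the cookie noise, as an added example that is not part of the original posts. The sample rows are constructed in the report's layout, and `own_tool_dirs` is a hypothetical parameter naming folders of tools the user unpacked deliberately.

```python
import re

# Constructed excerpt in the layout of the Panda report above. Cookie file names
# are placeholders; the two non-cookie paths are the ones shown in the post.
SAMPLE_REPORT = r"""
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\User\Cookies\user@example[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Roger Ferguson\Desktop\SmitfraudFix\Process.exe
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\User\Local Settings\Temp\Cookies\user@example[1].txt
Possible Virus. Not disinfected C:\WINDOWS\system32\hjpprpu.dll
Spyware:Cookie/Atwola Not disinfected F:\Documents and Settings\User\Cookies\user@example[2].txt
"""

# "Not disinfected" is the only status the report shows; add others if they occur.
ROW = re.compile(r"^(?P<incident>.+?)\s+(?P<status>Not disinfected)\s+(?P<path>[A-Za-z]:\\.+)$")
CODE_EXTENSIONS = (".dll", ".exe", ".sys", ".scr", ".com")


def parse_report(text):
    """Split each report row into incident, status and path; skip anything else."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows


def triage(rows, own_tool_dirs=("\\smitfraudfix",)):
    """Bucket rows: cookies, tools the user downloaded on purpose, and the rest."""
    buckets = {"cookie": [], "own_tool": [], "investigate": [], "other": []}
    for row in rows:
        path = row["path"].lower()
        if row["incident"].startswith("Spyware:Cookie/"):
            buckets["cookie"].append(row["path"])       # plain text files, not code
        elif any(d in path for d in own_tool_dirs):
            buckets["own_tool"].append(row["path"])     # removal tool the user unpacked
        elif path.endswith(CODE_EXTENSIONS):
            buckets["investigate"].append(row["path"])  # unexplained executable code
        else:
            buckets["other"].append(row["path"])
    return buckets
```

On the sample rows, the only path left in the `investigate` bucket is the system32 DLL that the reply above targets.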

#4
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Thank you Sir,

It appears the popup is gone. I do have more questions though if you would please answer them.

My Internet Explorer is pretty much toasted; it just freezes up now. I was thinking about removing and then downloading it again to fix the issues. Would you recommend I do that?

Also, what would you recommend to restore my Windows to its original operating condition? Should I do a "repair" from my system disks?

I would like to clean the whole computer out of the horrible things I have posted in there. I looked through some of my temporary internet files and I am truly a filthy man. I would like to clean my computer out and leave this situation far behind me.

Please advice me on what programs I could get to protect myself from myself. Maybe a good filter program?

Also, could you please advice me on what to do with all of these tools I have downloaded.

I now have:

SmitfraudFix

AVG

Webroot

Hijackthis

Killbox

I bought Webroot and have a one-year subscription, although I find the thing hinders my startup. Is there a way I can stop it from booting automatically and make it so it only boots when I command it to?

Should I delete the other tools? Maybe best to keep them, huh? I do sincerely appreciate your time and I am very grateful for the amount of knowledge you have taken the time and hard work to accomplish. I would be in pretty big trouble if it weren't for your charity. Truly the trait of a good man.

Please let me know what you think?

Thank you,
Roger
  • 0

#5
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Dear Dave,

I just wanted to assure you, Sir, that I am grateful enough to offer a donation to the cause. I am a college student and money is tight, but I gave what I could.

You can verify I would imagine and know that I did in fact give a donation for the help.

Thank you kindly.
Roger
  • 0

#6
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Advise*

I hate spelling stuff wrong haha
  • 0

#7
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Roger

I have received the donation - thank you for your support, it is very much appreciated :whistling:

OK, your questions. This little (free) application will remove all traces of historical internet use - can be used as frequently as you wish. Click here to download System Security Suite. Extract it from the zip file into a folder and double-click on sss.exe. Check the boxes under the 'Items to Clear' tab and click 'Clear Selected Items'. You will be prompted to reboot, do so.

You can get rid of Smitfraudfix as it is being constantly updated. HJT and Killbox, it's up to you but there is no harm hanging on to them. You should keep Webroot and AVG. They run as services so will add a few seconds to your start up but will give you 'real time' protection. Provided your Norton is up to date, you should be adequately protected.

It's not possible to remove IE from your system and reinstall (I think you can remove the latest version but that will put you back on V6) as it is integral with Windows. As for 'repairing' Windows - that is just for fixing serious problems with the OS, it won't make Windows run like when you first got the machine. Only a reformat and reinstall will do that, but that is a step that needs careful planning as you will lose everything on your system.

You can stop some programs from starting when you boot which may help. In your HijackThis log, all the entries that are prefixed by O4 are the programs that Start when you turn your machine on. If you go here:

http://castlecops.com/StartupList.html

you can check each one individually. For any that have a U or N status, you can decide whether to stop them at start-up.

To do this, click here to download Spybot Search & Destroy v1.4 - install, update, scan and fix all RED items it finds. Reboot when done. Open the program again, click Mode>Advanced mode>Tools>System Startup and disable the entries you no longer want by clicking the little box so that the checkmark is removed. Do not delete them and don't disable any system start-ups. Reboot. Let me know if this helps.
  • 0
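The O4 lookup described in the reply above, as an added example that is not part of the original post: it pulls the auto-start entries out of a HijackThis log and lists the ones a lookup marked U or N. The log lines and the status letters in `SAMPLE_STATUS` are constructed for the example, and `parse_o4` and `review_candidates` are hypothetical names.

```python
import ntpath
import re

# Constructed O4 lines in HijackThis layout (not copied from the thread's log).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\example\bho.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ExampleUpdater] C:\Program Files\Example App\updater.exe /background
O4 - Global Startup: Example Launcher.lnk = C:\Program Files\Example App\launcher.exe
"""

# Hypothetical lookup results; the letters are invented for this example.
SAMPLE_STATUS = {"atiptaxx.exe": "U", "jusched.exe": "N", "updater.exe": "Y"}

O4_LINE = re.compile(r"^O4 - (?P<location>[^:]+): (?P<rest>.+)$")
REG_VALUE = re.compile(r"^\[(?P<name>[^\]]*)\] (?P<command>.+)$")
EXE_PATH = re.compile(r'^"(?P<q>[^"]+)"|^(?P<u>.+?\.(?:exe|com|bat|cmd|dll))(?=\s|$)', re.I)


def parse_o4(log_text):
    """Return one dict per O4 (auto-start) line: location, name, command, image."""
    entries = []
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if not m:
            continue  # other sections (O2, O23, ...) are not start-up entries
        reg = REG_VALUE.match(m["rest"])
        if reg:   # registry Run key: [value name] command line
            name, command = reg["name"], reg["command"]
        else:     # Startup folder: shortcut.lnk = target
            name, _, command = m["rest"].partition(" = ")
        exe = EXE_PATH.match(command)
        image = ntpath.basename(exe["q"] or exe["u"]).lower() if exe else ""
        entries.append({"location": m["location"], "name": name,
                        "command": command, "image": image})
    return entries


def review_candidates(entries, status_table):
    """Names whose looked-up status is U or N, and names with no listing at all."""
    optional, unlisted = [], []
    for entry in entries:
        status = status_table.get(entry["image"])
        if status is None:
            unlisted.append(entry["name"])
        elif status in ("U", "N"):
            optional.append(entry["name"])
    return optional, unlisted
```

Entries returned as unlisted have no status to go on and need a manual look before anything is disabled.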

#8
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Dave,

Thank you. Everything seems to be fine. I now have 5 programs protecting my computer. I don't know how much protection I need but I think I may have too much.

I have: Webroot, AVG, Spybot, SpywareBlaster and Norton ... protecting.

System Security, HijackThis, and Killbox to help clean.

Am I going to run into a conflict between these programs? I know if you have more than one anti-virus it messes things up; I'm not sure about spyware stuff.

My computer did speed up on startup but as soon as I loaded Webroot it created another registry line. The other one was disabled but the new one was fully active. It appears Webroot doesn't give you the choice of having it start or not at boot up.

And yeah because I had IE 7 I was able to take that updated version off and then re-install it. The explorer now functions properly. I am pleased about that. Although, it seems the explorer actually has to get permission from the spyware programs before it can run so it seems to hesitate but if I shut them down it pops right up.

If I have to pay the price of a bit of hesitation for the sake of not losing my investments on this in programs and peace of mind then so be it.

Just the one question then. Will having all of these programs running all at once cause an issue?

Thank you Sir and Merry Christmas!

Warm regards,
Roger

Edited by asoul576, 20 December 2006 - 10:52 PM.

  • 0

#9
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
If you have them all 'scanning' at the same time as opposed to 'running' it will slow you down, but SpySweeper and AVG are the only two similar ones and they won't conflict. Spybot is an 'on demand' scanner and Spywareblaster makes registry mods so you won't notice those. I actually don't think you have too much - you have layered protection and that's the best approach.

Do you need any further assistance or should I close the topic?
  • 0

#10
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
You can close the topic.

Christmas is coming and although I am a fool there is a man who was not then and certainly is not today.

Jesus the man/God was born and for Christmas we celebrate His birth. Be grateful and rejoice the Lord has set us free!

I sin (miss the mark) and we know the wages of sin is death. Under the law (no other God before Him, no lying, no stealing, honor your parents ... the ten commandments) all people are guilty but because of the blood (In Leviticus blood atones for sin) of Jesus we are offered Grace and Mercy ... PARDON from our disobedience.

Rejoice and be thankful this Christmas season for the wonderful thing our God has done!

Thank you my friend and be blessed.

Warm regards,
Roger
  • 0

#11
asoul576

asoul576

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
double posted on accident

Edited by asoul576, 21 December 2006 - 08:36 PM.

  • 0

#12
Daemon

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
You're welcome - glad to help :whistling:

To help keep you clean follow the recommendations in Tony's article here:

So how did I get infected in the first place?

Happy holidays!



As this problem has been resolved the topic will be closed. If you need this topic reopened, please email the moderating team - be sure to include the address of the thread and the name you posted under.
  • 0





