
My Control Panel Vaporized



#1
volindistress

My initial problem was my control panel disappeared.
I followed your tutorials and have apparently repaired my system.
Everything is working without a hitch so far. I had many trojan, purity, and hijacker
problems along with assorted viruses. I am providing a HijackThis, ComboFix and AVG spyware
scan as requested. I appreciate all your help.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:17 AM, on 1/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.top-banne...to.php?id=VSLYL
O2 - BHO: (no name) - {25FBDE86-663B-42CF-B7B5-C3C3267BFD82} - \
O2 - BHO: (no name) - {350F3909-1252-45FE-9487-871A4E35DBA1} - \
O2 - BHO: (no name) - {508c059d-fa9a-415c-af2a-cf423a656f9d} - C:\WINDOWS\system32\ompgttr.dll (file missing)
O2 - BHO: (no name) - {5E62F47A-5232-4DDF-AD35-30644CD67AB8} - \
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B1E73F4B-BC9F-4416-91FE-C09EB3CDA331} - \
O2 - BHO: (no name) - {C9983E56-ABCF-D94E-E82E-F08A42F32FC0} - C:\WINDOWS\system32\ryiv.dll (file missing)
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-1.dll (file missing)
O2 - BHO: (no name) - {F81B9C80-0E19-4F0F-B78E-70D141B540FA} - C:\Program Files\ComPlus Applications\mesowidy4444.dll (file missing)
O2 - BHO: (no name) - {F98A6595-5A40-4F4F-A046-323B925D7F1C} - \
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mebemu] C:\Program Files\Windows NT\mebemu77798.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKUS\S-1-5-21-3683455017-3248437449-1359331470-1009\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-3683455017-3248437449-1359331470-1016\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'DADADMIN')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - S-1-5-21-3683455017-3248437449-1359331470-1009 Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (User '?')
O4 - S-1-5-21-3683455017-3248437449-1359331470-1009 Startup: Registration .LNK = C:\Program Files\Ubisoft\Telltale Games\CSI-3 Dimensions of Murder\Registration\RegistrationReminder.exe (User '?')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\scieplugin.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip....tgameloader.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr...ads/tgctlcm.cab
O16 - DPF: {09C6CAC0-936E-40A0-BC26-707480103DC3} - http://uproar.com/ap...pside_web18.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Big City Adventure\Images\stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...p1.0.0.15-3.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip....pGameLoader.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.pw.a...77/mcinsctl.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1201198014843
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1201233512250
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} (Abx(gh) Control) - http://aolsvc.aol.co...eball/abxgh.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.pw.a...,18/mcgdmgr.cab
O16 - DPF: {C852B12E-3F08-4099-AF8E-32FD327B88EA} (msnloader Class) - http://rockstar.mess...om/rockstar.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Big City Adventure\Images\armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.game...aploader_v6.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://winfixer.com/...nnerInstall.cab
O20 - AppInit_DLLs: C:\PROGRA~1\DEFEND~1\DEFEND~1.0\adialhk.dll
O20 - Winlogon Notify: efccdcb - efccdcb.dll (file missing)
O20 - Winlogon Notify: efcdeef - efcdeef.dll (file missing)
O20 - Winlogon Notify: fccbxvw - fccbxvw.dll (file missing)
O20 - Winlogon Notify: hgghged - hgghged.dll (file missing)
O20 - Winlogon Notify: nnnkkjh - nnnkkjh.dll (file missing)
O20 - Winlogon Notify: rqrqpop - rqrqpop.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Defender Pro Internet Security (AVP) - Defender Pro - C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
O23 - Service: Spyware Terminator Clam Service (sp_clamsrv) - Crawler.com - C:\Program Files\WinClamAVShield\sp_clamsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 11694 bytes


ComboFix 08-01-23.1C - Ean 2008-01-25 9:23:26.2 - NTFSx86
Running from: C:\Documents and Settings\Ean\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\check_LSA7.txt
C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
C:\Documents and Settings\HP_Owner\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\HP_Owner\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\HP_Owner\err.log
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Program Files\Common Files\crosof~1.net
C:\Program Files\Common Files\download
C:\Program Files\Common Files\inetget
C:\Program Files\Common Files\inetget2
C:\Program Files\Common Files\inetget2\mc-67-525-0000166.exe
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\WinAntiSpyware 2007\err.log
C:\Program Files\Common Files\windows
C:\Program Files\Common Files\windows\AutoIt3.exe
C:\Program Files\Common Files\windows\psapi.dll
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Common Files\Yazzle1549OinUninstaller.exe
C:\Program Files\E404 Helper
C:\Program Files\fnts~1
C:\Program Files\Insider
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\ISM2
C:\Program Files\ISM2\dictionary.gz
C:\Program Files\ISM2\ISMPack7.exe
C:\Program Files\ISM2\targets.gz
C:\Program Files\network monitor
C:\Program Files\outlook
C:\Program Files\sembly~1
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\Temp\xOe
C:\Temp\xOe\tOasF.log
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\UERT_0001_D22M0110NetInstaller.exe
C:\WINDOWS\Downloaded Program Files\UWAS7_0001_N99M3108NetInstaller.exe
C:\WINDOWS\IA
C:\WINDOWS\system32\b1
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\fnqtxodp.ini
C:\WINDOWS\system32\hoolbppo.ini
C:\WINDOWS\system32\ldpackage.dll
C:\WINDOWS\system32\lqonwjio.dll
C:\WINDOWS\system32\m2
C:\WINDOWS\system32\mantec~1
C:\WINDOWS\system32\mantec~1\??mantec\
C:\WINDOWS\system32\model.dat
C:\WINDOWS\system32\oijwnoql.ini
C:\WINDOWS\system32\oppblooh.dll
C:\WINDOWS\system32\p1
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pdoxtqnf.dll
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\s9
C:\WINDOWS\system32\silc_dll.dll
C:\WINDOWS\system32\v2
C:\WINDOWS\system32\vMW02a
C:\WINDOWS\system32\vMW10a
C:\WINDOWS\system32\winnb58.dll
C:\WINDOWS\system32\ydwncfpa.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FOPN
-------\LEGACY_NETWORK_MONITOR
-------\ApiMon
-------\DomainService


((((((((((((((((((((((((( Files Created from 2007-12-25 to 2008-01-25 )))))))))))))))))))))))))))))))
.

2008-01-25 09:14 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-25 06:51 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-25 06:51 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-25 06:39 . 2008-01-25 06:39 14,113,576 --a------ C:\avgas-setup-7.5.1.43-3339.exe
2008-01-25 05:42 . 2008-01-25 05:42 18,990,336 --a------ C:\CFP_Setup_3.0.15.277_XP_Vista_x64.exe
2008-01-24 23:11 . 2008-01-24 23:11 <DIR> d-------- C:\Program Files\SpywareBot
2008-01-24 23:11 . 2008-01-24 23:11 3,028,800 --a------ C:\setupxv.exe
2008-01-24 23:00 . 2008-01-24 23:00 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-24 19:49 . 2008-01-24 19:49 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-24 19:46 . 2008-01-24 19:47 20,907,376 --a------ C:\aaw2007.exe
2008-01-24 19:33 . 2008-01-24 19:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-24 19:01 . 2008-01-24 19:01 <DIR> d-------- C:\Program Files\Defender Pro
2008-01-24 16:41 . 2008-01-24 16:41 <DIR> d--hs---- C:\GA6P1
2008-01-24 16:33 . 2008-01-24 17:03 <DIR> d-------- C:\Program Files\AlfaAntivirus
2008-01-24 16:33 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-01-24 16:21 . 2008-01-24 16:28 2,950 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-24 16:20 . 2008-01-24 16:20 1,129,580 --a------ C:\SmitfraudFix.exe
2008-01-24 16:20 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-24 16:20 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-24 16:20 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-24 16:20 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-24 16:20 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-24 16:20 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-24 14:04 . 2008-01-24 14:04 1,242,416 --a------ C:\install_en.exe
2008-01-17 11:37 . 2008-01-17 11:37 <DIR> d-------- C:\Program Files\PlayMP3z
2008-01-17 11:37 . 2008-01-17 12:17 <DIR> d-------- C:\Program Files\BrowsingAdvisor
2008-01-06 19:55 . 2008-01-06 19:55 <DIR> d-------- C:\Program Files\FLV Player
2008-01-06 19:54 . 2008-01-08 01:01 <DIR> d-------- C:\Program Files\Quick Flash Player
2007-12-31 17:01 . 2007-12-31 17:01 <DIR> d-------- C:\Program Files\Common Files\DirectX
2007-12-26 15:59 . 2007-12-26 15:59 <DIR> d-------- C:\Program Files\Guitar Pro 5
2007-12-25 12:37 . 2008-01-25 09:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-25 12:37 . 2007-12-25 12:37 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-25 09:51 . 2008-01-25 05:50 <DIR> d--hs---- C:\found.000

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-25 10:50 --------- d-----w C:\Program Files\Incomplete
2008-01-14 00:46 --------- d-----w C:\Program Files\Spyware Terminator
2008-01-07 00:31 --------- d-----w C:\Program Files\HP Games
2007-12-30 14:24 --------- d-----w C:\Program Files\Crawler
2007-12-22 18:43 --------- d-----w C:\Program Files\Java
2007-12-13 00:05 --------- d-----w C:\Program Files\Lugaru
2007-12-07 18:54 --------- d-----w C:\Program Files\EMR
2007-12-06 22:20 --------- d-----w C:\Program Files\BraveTree
2007-12-06 20:08 --------- d-----w C:\Program Files\LimeWire
2007-12-05 02:53 --------- d-----w C:\Program Files\NovaLogic
2007-12-01 19:00 --------- d-----w C:\Program Files\Free iPod Video Converter
2007-11-30 00:04 --------- d-----w C:\Program Files\E404DHelper
2007-10-04 09:46 142 ----a-w C:\Program Files\page.html
2006-12-24 00:00 774,144 -c--a-w C:\Program Files\RngInterstitial.dll
2006-12-03 01:05 2,522 ----a-w C:\Program Files\func.js
2006-11-25 07:57 482 ----a-w C:\Program Files\Del.js
2006-06-08 07:02 2,048 ----a-w C:\Program Files\func.exe
2007-10-22 13:27 6,465 --sh--w C:\WINDOWS\system32\aybeg.bak1
2007-10-16 19:45 6,473 --sh--w C:\WINDOWS\system32\egjlm.bak1
2007-10-20 01:07 640,259 --sh--w C:\WINDOWS\system32\gfhkj.bak1
2007-10-22 11:58 6,513 --sh--w C:\WINDOWS\system32\gjkmp.bak2
2007-10-16 22:08 6,473 --sh--w C:\WINDOWS\system32\hhkmp.bak1
2007-10-03 00:05 6,473 --sh--w C:\WINDOWS\system32\jjllm.bak1
2007-10-15 19:36 628,147 --sh--w C:\WINDOWS\system32\jjllm.bak2
2007-10-22 12:21 6,465 --sh--w C:\WINDOWS\system32\qqstv.bak1
2007-06-15 16:43 1,827,811 -csh--w C:\WINDOWS\system32\xbadd.bak1
2007-06-18 00:07 1,818,557 -csh--w C:\WINDOWS\system32\xbadd.bak2
2007-06-18 00:09 1,810,087 -csh--w C:\WINDOWS\system32\xbadd.ini2
2007-10-15 19:41 628,091 --sh--w C:\WINDOWS\system32\yybeg.bak1
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25FBDE86-663B-42CF-B7B5-C3C3267BFD82}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]
2007-10-17 07:44 155648 --a------ C:\WINDOWS\system32\nsa1B7.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{350F3909-1252-45FE-9487-871A4E35DBA1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{508c059d-fa9a-415c-af2a-cf423a656f9d}]
C:\WINDOWS\system32\ompgttr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E62F47A-5232-4DDF-AD35-30644CD67AB8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B1E73F4B-BC9F-4416-91FE-C09EB3CDA331}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C9983E56-ABCF-D94E-E82E-F08A42F32FC0}]
C:\WINDOWS\system32\ryiv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F81B9C80-0E19-4F0F-B78E-70D141B540FA}]
C:\Program Files\ComPlus Applications\mesowidy4444.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F98A6595-5A40-4F4F-A046-323B925D7F1C}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-29 14:34 171448]
"SpywareBot"="C:\Program Files\SpywareBot\SpywareBot.exe" [2008-01-24 17:22 6362352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 22:02 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 19:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 13:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 15:55 267064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"mebemu"="C:\Program Files\Windows NT\mebemu77798.exe" [ ]
"MP10_EnsureFileVer"="C:\WINDOWS\inf\unregmp2.exe" [2004-08-04 14:00 208896]
"VTTimer"="VTTimer.exe" [2005-03-08 03:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-20 18:56 579072]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25 6731312]
"RegistryMechanic"="" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-22 18:29 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efccdcb]
efccdcb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcdeef]
efcdeef.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccbxvw]
fccbxvw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgghged]
hgghged.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnkkjh]
nnnkkjh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqrqpop]
rqrqpop.dll

.
Contents of the 'Scheduled Tasks' folder
"2007-10-22 01:56:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-10-19 01:09:30 C:\WINDOWS\Tasks\HP Diagnostic Assistant.job"
- C:\PROGRA~1\HP\DIAGNO~1\bin\hprbevwr.exe
"2007-10-19 01:04:43 C:\WINDOWS\Tasks\HP PC System Recovery.job"
- C:\WINDOWS\SMINST\START.EXE
"2007-10-22 01:57:17 C:\WINDOWS\Tasks\New Task.job"
"2008-01-25 14:44:52 C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job"
- C:\Program Files\SpywareBot\SpywareBot.ex
- C:\Program Files\SpywareBot
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 09:44:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-25 9:49:02 - machine was rebooted [Ean]
ComboFix-quarantined-files.txt 2008-01-25 14:48:58
.
2008-01-24 02:48:43 --- E O F ---


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:02:38 AM 1/25/2008

+ Scan result:



C:\Documents and Settings\HP_Owner\Local Settings\Temp\tem11.tmp.exe -> Adware.Mirar : Ignored.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP863\A0270733.exe -> Downloader.PurityScan.ey : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP842\A0266378.dll -> Dropper.Agent.ctx : Ignored.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\J2U5A6K0\pzxsdrefdytpoiuulivcwe[1].htm -> Dropper.Small.j : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP846\A0269513.exe -> Dropper.VB.lu : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP846\A0269514.exe -> Dropper.VB.lu : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP858\A0270586.exe -> Dropper.VB.lu : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP843\A0267410.exe -> Heuristic.Win32.Dialer : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP845\A0269473.exe -> Heuristic.Win32.Dialer : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP845\A0269472.exe -> Hijacker.Agent.hz : Ignored.
C:\Program Files\func.exe -> Hijacker.Small.jf : Ignored.
C:\Program Files\func.js -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP813\A0247607.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP813\A0248607.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP813\A0249619.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP814\A0249640.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP814\A0249650.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP814\A0249661.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP815\A0249675.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP841\A0265366.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP841\A0265378.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP842\A0267395.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP845\A0269471.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP846\A0269508.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP847\A0269556.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP848\A0269577.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP850\A0269644.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP850\A0269665.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP850\A0269678.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP851\A0269699.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP855\A0269906.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP855\A0269927.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP856\A0270055.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP858\A0270603.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP858\A0270644.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP858\A0270654.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270676.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270677.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270678.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270694.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP863\A0270721.exe -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270701.dll -> Not-A-Virus.Adware.AdBand : Ignored.
C:\Documents and Settings\HP_Owner\Shared\adobe flash player.zip/Setup.exe -> Not-A-Virus.Adware.Agent : Ignored.
C:\Program Files\PlayMP3z\PlayMP3.exe -> Not-A-Virus.Adware.Agent : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270700.dll -> Not-A-Virus.Adware.Agent : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270702.exe -> Not-A-Virus.Adware.Agent : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270703.exe -> Not-A-Virus.Adware.Agent : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270696.dll -> Not-A-Virus.Adware.BHO : Ignored.
C:\WINDOWS\system32\nsa1B7.dll -> Not-A-Virus.Adware.BHO : Ignored.
C:\Documents and Settings\HP_Owner\Local Settings\Temp\mit12.tmp.cab/Mirar_VC_Setup_876933.exe -> Not-A-Virus.Adware.Mirar : Ignored.
C:\RECYCLER\S-1-5-21-3683455017-3248437449-1359331470-1015\Dc1298.tmp/Mirar_VC_Setup_876933.exe -> Not-A-Virus.Adware.Mirar : Ignored.
C:\Documents and Settings\HP_Owner\Shared\[Full] guitar pro 5 with Bonus.zip/setup.exe -> Not-A-Virus.Adware.NewWeb : Ignored.
C:\Program Files\Common Files\Yazzle1549OinUninstaller.exe -> Not-A-Virus.Adware.PurityScan : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270679.exe -> Not-A-Virus.Adware.PurityScan : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270695.dll -> Not-A-Virus.Adware.PurityScan : Ignored.
C:\WINDOWS\system32\gldnbsll.dll -> Not-A-Virus.Adware.PurityScan : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270697.exe -> Not-A-Virus.Adware.TTC : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270698.exe -> Not-A-Virus.Adware.TTC : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270699.exe -> Not-A-Virus.Adware.TTC : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270704.exe -> Not-A-Virus.Downloader.Win32.Agent.q : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP859\A0270680.exe -> Not-A-Virus.Downloader.Win32.UltimateFix.e : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP863\A0270756.exe -> Not-A-Virus.Downloader.Win32.WinFixer.cr : Ignored.
C:\install_en.exe -> Not-A-Virus.Downloader.Win32.WinFixer.cr : Ignored.
C:\WINDOWS\Downloaded Program Files\UWAS7_0001_N99M3108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP828\A0254983.exe -> Trojan.Zbot.co : Ignored.
C:\System Volume Information\_restore{E7B21304-9105-4D9D-AFAC-E7088FDCC6A0}\RP828\A0254984.exe -> Trojan.Zbot.co : Ignored.


::Report end
#2
volindistress

HOLD THE PHONE !!!!!!!
I do not believe my spyware programs are working.
I'll be sending another HijackThis log.
I need help.