This topic is locked
Please help..It took me so long to download AVG and run all of the anti spyware programs before posting these logs because these relentless pop up ads are taking over my computer!!! Any help would be appreciated!!
AVG log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 7:58:12 PM 1/30/2008
+ Scan result:
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020228.exe -> Adware.CommAd : Cleaned.
C:\WINDOWS\Downloaded Program Files\vzbb.dll -> Adware.MegaSearch : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M1C147Q5\tk58[1].exe -> Adware.ZQuest : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020232.exe -> Adware.ZQuest : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020242.exe -> Adware.ZQuest : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021251.exe -> Adware.ZQuest : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021261.exe -> Adware.ZQuest : Cleaned.
C:\WINDOWS\tk58.exe -> Adware.ZQuest : Cleaned.
C:\sysvxfc.exe -> Downloader.Agent.dmx : Cleaned.
C:\WINDOWS\b151.exe -> Downloader.Agent.fjn : Cleaned.
C:\sysbmqr.exe -> Downloader.Agent.ftu : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021271.exe -> Downloader.Small.buy : Cleaned.
C:\Program Files\Windows Media Player\zyqokuhde.html -> Hijacker.IFrame.dn : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\2LUZ6FQ1\83122[1].exe -> Hijacker.Small.jf : Cleaned.
C:\Program Files\Windows Media Player\vihivynu.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021265.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021266.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021267.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021268.dll -> Hijacker.StartPage : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021473.dll -> Hijacker.StartPage : Cleaned.
C:\Program Files\ISM\BndDrive3.dll -> Not-A-Virus.Adware.AdBand : Cleaned.
C:\Program Files\ISM\BndDrive6.dll -> Not-A-Virus.Adware.AdBand : Cleaned.
C:\Program Files\ISM\ism.exe -> Not-A-Virus.Adware.Agent : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GZYX27KP\TTC-4444[1].exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\Program Files\ComPlus Applications\ryvyci4444.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\Program Files\ComPlus Applications\ryvyci83122.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020231.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020234.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020241.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020244.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021250.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021253.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021260.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0021522.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP258\A0022259.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP258\A0022261.dll -> Not-A-Virus.Adware.TTC : Cleaned.
C:\WINDOWS\TTC-4444.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\WINDOWS\system32\knis6\enamd83122.exe -> Not-A-Virus.Adware.TTC : Cleaned.
C:\Documents and Settings\Owner\Local Settings\Temp\removalfile.bat -> Not-A-Virus.Adware.Virtumonde : Cleaned.
C:\Program Files\ISM\bndloader.exe -> Not-A-Virus.Downloader.Win32.Agent.q : Cleaned.
C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Abcsearch : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Adtrak : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Searchingbooth : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Top-banners : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\Fifoed\A0020229.vbs -> Trojan.Small : Cleaned.
C:\WINDOWS\uninstall_nmon.vbs -> Trojan.Small : Cleaned.
::Report end
HiJack this log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:08:18 PM, on 1/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\lxdkcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\WINDOWS\DOWNLO~1\vzbb.dll (file missing)
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [QdrModule12] "C:\Program Files\QdrModule\QdrModule12.exe"
O4 - HKCU\..\Run: [QdrPack12] "C:\Program Files\QdrPack\QdrPack12.exe"
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O21 - SSODL: KbdVolume - {e8b77ec8-465a-40a4-8183-16925a8cc28b} - C:\WINDOWS\Installer\{e8b77ec8-465a-40a4-8183-16925a8cc28b}\KbdVolume.dll
O21 - SSODL: zip - {153b0fc1-810b-4ac5-849b-9e41c95c0f25} - C:\WINDOWS\Installer\{153b0fc1-810b-4ac5-849b-9e41c95c0f25}\zip.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxdkCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdkserv.exe
O23 - Service: lxdk_device - - C:\WINDOWS\system32\lxdkcoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - c:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\fws.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Windows Media Player\zyqokuhde.html
--
End of file - 4653 bytes
thanks,
alisha
Sign In
Create Account
