Win32.WinAd.T and variants thereof... [CLOSED]



#1
smallbeer

Hi, two days of trying to rid my machine of these things have left me slightly frustrated. Any help you can give would be great. My log...

Logfile of HijackThis v1.99.1
Scan saved at 15:03:47, on 27/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\WINDOWS\system32\p2pnetworking.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\PROGRA~1\SPYWAR~1\swdoctor.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\Desktop\hijackthis\HijackThis.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP34.tmp\toolbar.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.massive.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\Program Files\Zend\ZendStudioClient-4.0.1\bin\ZendIEToolbar.dll
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [WinInet] winis.exe
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [p2pnetworking] p2pnetworking.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [adqhytkr] C:\WINDOWS\adqhytkr.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\RunServices: [WinInet] winis.exe
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP001.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup2] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP002.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup3] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP003.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup4] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP004.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup5] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP005.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup6] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP006.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup7] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP007.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup8] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP008.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup9] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP009.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup10] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP010.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup11] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP011.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup12] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP012.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup13] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP013.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup14] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP014.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup15] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP015.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup16] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP016.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup17] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP017.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup18] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP018.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup19] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP019.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup20] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP020.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup21] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP021.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup22] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP022.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup23] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP023.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup24] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP024.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup25] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP025.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup26] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP026.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup27] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP027.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup28] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP028.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup29] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP029.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup30] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP030.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup31] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP031.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup32] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP032.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup33] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP033.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup34] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP034.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup35] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP035.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup36] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP036.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup37] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP037.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup38] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP038.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup39] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP039.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup40] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP040.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup41] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP041.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup42] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP042.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup43] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP043.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup44] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP044.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup45] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP045.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup46] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP046.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup47] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP047.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup48] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP048.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup49] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP049.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup50] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP050.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup51] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP051.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup52] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP052.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup53] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP053.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup54] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP054.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup55] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP055.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup56] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP056.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup57] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP057.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup58] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP058.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup59] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP059.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup60] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP060.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup61] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP061.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup62] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP062.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup63] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP063.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup64] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP064.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup65] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP065.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup66] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP066.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup67] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP067.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup68] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP068.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup69] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP069.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup70] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP070.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup71] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP071.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup72] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP072.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup73] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP073.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup74] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP074.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup75] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP075.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup76] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP076.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup77] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP077.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup78] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP078.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup79] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP079.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup80] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP080.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup81] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP081.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup82] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP082.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup83] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP083.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup84] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP084.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup85] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP085.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup86] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP086.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup87] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP087.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup88] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP088.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup89] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP089.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup90] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP090.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup91] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP091.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup92] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP092.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup93] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP093.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup94] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP094.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup95] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP095.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup96] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP096.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup97] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP097.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup98] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP098.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup99] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP099.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup100] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP100.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup101] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP101.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup102] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP102.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup103] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP103.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup104] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP104.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup105] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP105.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup106] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP106.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup107] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP107.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup108] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP108.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup109] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP109.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup110] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP110.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup111] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP111.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup112] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP112.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup113] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP113.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup114] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP114.TMP\"
O4 - HKLM\..\RunOnce: [wextract_cleanup115] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP115.TMP\"
O4 - HKL
  • 0

#2
Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,672 posts
* Click Here to download Killbox by Option^Explicit.
* Extract the program to your desktop and double-click on its folder, then double-click on Killbox.exe to start the program.
* In the Killbox program, select the Delete on Reboot option.
* Select this file to be deleted:
C:\Documents and Settings\jamie@massive.co.uk\rebates.exe
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

You will probably get some errors when you reboot. Don't worry, we'll take care of those.

Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll

O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll

O4 - HKLM\..\Run: [WinInet] winis.exe
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [p2pnetworking] p2pnetworking.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [adqhytkr] C:\WINDOWS\adqhytkr.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\RunServices: [WinInet] winis.exe
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe

+ {all these}

O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\JAMIE@~1.UK\LOCALS~1\Temp\IXP000.TMP\"

Reboot into safe mode and delete:
C:\Program Files\Power Scan <= entire folder
c:\program files\180solutions <= entire folder
C:\Program Files\ISTsvc <= entire folder

Then (still in safe mode) use the Disk Cleanup Utility to empty all your Temp folders.

Boot back to normal and post a new HijackThis log.

Regards,
  • 0

#3
smallbeer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Thanks for the reply. I've done as you asked, my new log file is below. Seems better so far.

Logfile of HijackThis v1.99.1
Scan saved at 11:00:22, on 31/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\jamie@massive.co.uk\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.massive.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\Program Files\Zend\ZendStudioClient-4.0.1\bin\ZendIEToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudioClient-4.0.1\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudioClient-4.0.1\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.cclcomputers.co.uk
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.c...ers/play365.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32570D55-C9AB-4C5F-9529-A753ED2A71ED}: NameServer = 62.31.144.39,195.188.53.175
O17 - HKLM\System\CS1\Services\Tcpip\..\{32570D55-C9AB-4C5F-9529-A753ED2A71ED}: NameServer = 62.31.144.39,195.188.53.175
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
  • 0

#4
Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,672 posts
Your log looks much better indeed. :tazz:

Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)

O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe

If there is an entry for SideFind under Add/Remove Software I'd advise you to use it.

And if you can find this file:
C:\WINDOWS\system32\p2pnetworking.exe
Delete it.

Let me know how your computer is behaving.

Regards,
  • 0
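A check of a follow-up HijackThis log against an earlier fix list, as an added example that is not part of the original thread: it confirms that the fixed entries are gone and surfaces leftovers that still point into the same program folders. The sample lines are copied from posts #2 and #3 above; the function names and the matching rules (CLSID, or autorun key plus value name) are assumptions of this example.

```python
import re

# Subset of the fix list from post #2 (copied from the thread).
FIX_LIST = r"""
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll
O4 - HKLM\..\Run: [WinInet] winis.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe
"""

# Subset of the follow-up log from post #3 (copied from the thread).
FOLLOWUP_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
AUTORUN = re.compile(r"^(\S+): \[([^\]]+)\]")
PROGRAM_DIR = re.compile(r"[A-Za-z]:\\Program Files\\([^\\]+)\\", re.I)


def parse(text):
    """Return (section, body) pairs for every HijackThis entry line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def identity(section, body):
    """Stable key for an entry, so a changed path does not hide a survivor."""
    m = CLSID.search(body)
    if m:                                   # BHOs, toolbars, buttons, DPF
        return (section, m.group(0).upper())
    m = AUTORUN.match(body)
    if m:                                   # O4: registry key + value name
        return (section, m.group(1).lower(), m.group(2).lower())
    return (section, body.lower())


def program_dirs(entries):
    """Folder names under Program Files that the fixed entries pointed into."""
    return {m.group(1).lower()
            for _, body in entries
            for m in PROGRAM_DIR.finditer(body)}


def check_followup(fix_text, log_text):
    """Split the follow-up log into fixed entries that survived and remnants."""
    fixed, log = parse(fix_text), parse(log_text)
    fixed_ids = {identity(s, b) for s, b in fixed}
    names = program_dirs(fixed)
    survivors, remnants = [], []
    for section, body in log:
        line = f"{section} - {body}"
        if identity(section, body) in fixed_ids:
            survivors.append(line)
        elif any(name in body.lower() for name in names):
            remnants.append(line)
    return survivors, remnants


if __name__ == "__main__":
    survivors, remnants = check_followup(FIX_LIST, FOLLOWUP_LOG)
    print("fixed entries still present:", survivors or "none")
    for line in remnants:
        print("remnant:", line)
```

On these lines the fixed entries are all gone and the only remnant reported is the SideFind button with the `(file missing)` marker.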

#5
smallbeer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
OK so I've done that.

Managed to remove SideFind and a couple of others in Add/Remove Programs but there is still one called "SlotchBar" which does nothing when I click "Change/Remove".

I couldn't find p2pnetworking.exe.

Everything seems to be working ok again as far as I can see.

Many thanks for this Pieter...a great service you're all providing here :tazz:
  • 0

#6
Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,672 posts
Be glad that Slotchbar didn't work :tazz:

In HijackThis click Config > Misc Tools > Open Uninstall Manager > in the list find and select the slotchbar entry and click Delete this entry.

Please have a look at my site for some tips on how to remove and prevent spyware.

Regards,
  • 0

#7
Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





