Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

psguard removal


  • Please log in to reply

#1
babyj_3205

babyj_3205

    New Member

  • Member
  • Pip
  • 1 posts
Hi, i have somehow gotten psguard on my computer. i ran windows in safe mode, did an ad aware scan, removed everything it came up with and restarted my computer. next i did the panda scan and the hijackthis. here are my two logs if someone can help me to figure out what ones to fix to get rid of this that would be great. thanks jennifer


Logfile of HijackThis v1.99.1
Scan saved at 1:21:33 AM, on 8/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\McAfee.com\VSO\mcshield.exe
C:\WINDOWS\etb\pokapoka62.exe
C:\WINDOWS\System32\apisvc.exe
C:\WINDOWS\sjeodll.EXE
C:\WINDOWS\System32\apisvc.exe
C:\WINDOWS\sjeoenc.EXE
C:\WINDOWS\System32\intel32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\freecell.exe
C:\WINDOWS\system32\mshearts.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\mshearts.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Documents and Settings\jamesandjennifer\Local

Settings\Temp\Temporary Directory 1 for

hijackthis[2].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =

Internet Explorer Provided by Cox High Speed Internet
R3 - Default URLSearchHook is missing
O1 - Hosts: localhost 127.0.0.1
O4 - HKLM\..\Run: [MSConfig]

C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [System service62] C:\WINDOWS\etb\pokapoka62.exe
O4 - HKLM\..\Run: [apisvc.exe] C:\WINDOWS\System32\apisvc.exe
O4 - HKLM\..\Run: [sjeodll] C:\WINDOWS\sjeodll.EXE
O4 - HKLM\..\Run: [sjeoenc] C:\WINDOWS\sjeoenc.EXE
O4 - HKLM\..\Run: [intel32.exe] C:\WINDOWS\System32\intel32.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [MCUpdateExe]

C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\RunServices: [p2pnetworking] p2pnetworking.exe
O4 - HKLM\..\RunOnce: [Panda_cleaner_39194]

C:\WINDOWS\System32\ActiveScan\pavdr.exe 39194
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program

Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program

files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program

Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program

Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} -

C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program

Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\MSMSGS.EXE
O16 - DPF: JT's Blocks -

http://download.game...ts/y/blt1_x.cab
O16 - DPF: Tornado 21 -

http://download.game...s/y/t21t0_x.cab
O16 - DPF: Yahoo! Chat -

http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Dominoes -

http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Klondike Solitaire -

http://presence.game...og/y/ks12_x.cab
O16 - DPF: Yahoo! MahJong Solitaire -

http://download.game...s/y/mjst4_x.cab
O16 - DPF: Yahoo! Pool 2 -

http://download.game...ts/y/pote_x.cab
O16 - DPF: Yahoo! Pyramids -

http://download.game...ts/y/pyt1_x.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -

http://www.mysticcol...sticActivia.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer

Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

(MsnMessengerSetupDownloadControl Class) -

http://messenger.msn...pDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)

-

http://download.game...huzzle/popcaplo

ader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control

4.5) - http://chat.msn.com/...s/msnchat45.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{0510875F-8BD7-45D4-AABA-CAB77C9BEE80

}: NameServer = 195.95.218.1,85.255.112.7
O17 -

HKLM\System\CCS\Services\Tcpip\..\{716AE673-9B42-4951-A057-E6FD218C5662

}: NameServer = 195.95.218.1,85.255.112.7
O17 -

HKLM\System\CS1\Services\Tcpip\..\{0510875F-8BD7-45D4-AABA-CAB77C9BEE80

}: NameServer = 195.95.218.1,85.255.112.7
O17 -

HKLM\System\CS2\Services\Tcpip\..\{0510875F-8BD7-45D4-AABA-CAB77C9BEE80

}: NameServer = 195.95.218.1,85.255.112.7
O17 -

HKLM\System\CS3\Services\Tcpip\..\{0510875F-8BD7-45D4-AABA-CAB77C9BEE80

}: NameServer = 195.95.218.1,85.255.112.7
O23 - Service: Adobe LM Service - Unknown owner - C:\Program

Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner -

C:\Program Files\McAfee.com\VSO\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) -

Networks Associates Technology, Inc -

C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -

Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA

Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows VisFx Components - Unknown owner -

C:\WINDOWS\moqwsvc.exe (file missing)



PANDA SCAN LOG



Incident Status Location

Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\132276_2596_1484_1540_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2032198_2596_1484_2564_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\262604_2596_1484_2432_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\262590_2596_1484_708_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2687550_2596_1484_320_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2228862_2596_1484_1000_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2556478_2596_1484_1332_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2097790_2596_1484_2212_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2425406_2596_1484_2124_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1966718_2596_1484_2080_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\2294334_2596_1484_1736_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1835646_2596_1484_1676_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1245848_2596_1484_1656_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1180230_2596_1484_140_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1114694_2596_1484_4048_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1442366_2596_1484_3936_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\590406_2596_1484_3860_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\786844_2596_1484_3792_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\1245796_2596_1484_3636_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\197286_2596_1484_3468_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\10813968_2596_1484_3268_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\328092_2596_1484_3168_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\393864_2596_1484_3000_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\197034_2596_1484_2728_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\196972_2596_1484_2708_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\196922_2596_1484_2636_62.41.tmp
Adware:Adware/PsGuard No disinfected C:\WINDOWS\System32\intel32.exe
Adware:Adware/EliteBar No disinfected C:\WINDOWS\etb\pokapoka62.exe
Adware:Adware/EliteBar No disinfected C:\DOCUME~1\JAMESA~1\LOCALS~1\Temp\262314_1728_1484_1568_62.41.tmp
Virus:W32/Smitfraud.C Disinfected Operating system
Adware:adware/consumeralertsystemNo disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\cassetup.exe
Adware:adware/kingporn No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\ExtractDLL.dll
Adware:adware/wupd No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\MediaAccessInstPack.exe
Adware:adware/pacimedia No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\pcs_0005.exe
Adware:adware/psguard No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\PSGuardInstall.exe
Spyware:spyware/surfsidekick No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\SSK3_B5 Seedcorn 4.exe
Adware:adware/virtualbouncer No disinfected C:\DOCUMENTS AND SETTINGS\JAMESANDJENNIFER\LOCAL SETTINGS\TEMP\wrapperouter.exe
Spyware:spyware/wareout No disinfected C:\WINDOWS\SYSTEM32\loadctr32.exe
Adware:adware/mediatickets No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\MediaGatewayX.dll
Adware:adware/topspyware No disinfected C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\wmplayer.exe.tmp
Adware:adware/cws No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\AdultGambling.url
Adware:adware/popuper No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\Buy Viagra Online.url
Adware:adware/bookedspace No disinfected C:\WINDOWS\cfgmgr52.ini
Adware:adware/apropos No disinfected C:\PROGRAM FILES\Aprps
Adware:adware program No disinfected C:\WINDOWS\SYSTEM32\cache32dsrf4535dfs
Adware:adware/elitebar No disinfected C:\WINDOWS\EliteToolBar
Adware:adware/addestroyer No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AdDestroyer
Spyware:spyware/betterinet No disinfected Windows Registry
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\10813968_2596_1484_3268_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1114694_2596_1484_4048_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1115528_3480_2428_2000_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1180230_2596_1484_140_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1245796_2596_1484_3636_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1245848_2596_1484_1656_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\132276_2596_1484_1540_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\133200_3480_2428_748_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\133382_3480_2428_2840_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\133618_3480_2428_3716_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\133914_3480_2428_3544_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1442366_2596_1484_3936_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1835646_2596_1484_1676_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\1966718_2596_1484_2080_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\196922_2596_1484_2636_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\196972_2596_1484_2708_62.41.tmp
Virus:Trj/Kolweb.E Disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\197.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\197034_2596_1484_2728_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\197286_2596_1484_3468_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\198310_3480_2428_3004_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\198484_3480_2428_2296_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2032198_2596_1484_2564_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2097768_3480_2428_2348_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2097790_2596_1484_2212_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2228862_2596_1484_1000_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2294334_2596_1484_1736_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2425406_2596_1484_2124_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2556478_2596_1484_1332_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\262314_1728_1484_1568_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\262590_2596_1484_708_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\262604_2596_1484_2432_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\263440_2596_1484_2152_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\2687550_2596_1484_320_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\328092_2596_1484_3168_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\329578_3480_2428_2400_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\330064_3480_2428_1188_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\393864_2596_1484_3000_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\394704_3480_2428_3044_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\395114_3480_2428_2160_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\395218_3480_2428_2628_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\525654_3480_2428_3640_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\526202_3480_2428_1272_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\526216_3480_2428_400_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\590406_2596_1484_3860_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\656792_3480_2428_3296_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\65762_644_1484_776_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\67802_3480_2428_3652_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\67984_3480_2428_2812_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\68226_3480_2428_4048_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\68380_3480_2428_1940_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\68442_3480_2428_1920_62.41.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\68504_3480_2428_2244_62.41.tmp
Virus:W32/Gaobot.GYZ.worm Disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\6D0.tmp
Adware:Adware/EliteBar No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\786844_2596_1484_3792_62.41.tmp
Adware:Adware/Apropos No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\auf2.exe
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\cassetup.exe
Spyware:Spyware/SafeSurf No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\ExtractDLL.dll
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\i23.tmp
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\i93F.tmp
Spyware:Spyware/SafeSurf No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\labpengs.tmp
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\nsh_104.exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\nsh_105.exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\nsh_111.exe
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\nsh_115.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\pcs_0005.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\ptf_0005.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\ptf_0006.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\ptf_0009.exe
Adware:Adware/Pacimedia No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\ptf_0011.exe
Spyware:Spyware/SurfSideKick No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\SSK3_B5 Seedcorn 4.exe
Adware:Adware/VirtualBouncer No disinfected C:\Documents and Settings\jamesandjennifer\Local Settings\Temp\wrapperouter.exe
Adware:Adware/Apropos No disinfected C:\Program Files\Aprps\ProxyStub.dll
Adware:Adware/SaveNow No disinfected C:\Program Files\BearShare\Installer\saveinstwm.exe
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Program Files\Cas\Client\casclient.exe
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Program Files\Cas\Client\casmf.dll
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Program Files\Cas\Client\Uninstall.exe
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Program Files\CasStub\casstub.exe
Adware:Adware/ConsumerAlertSystemNo disinfected C:\Program Files\CMAPP\Client\cmappmf.dll
Adware:Adware/Look2Me No disinfected C:\Program Files\Windows Media Player\wmplayer.exe.tmp
Adware:Adware/AdDestroyer No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq36.tmp
Adware:Adware/AdDestroyer No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq37.tmp
Adware:Adware/AdDestroyer No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq38.tmp
Adware:Adware/AdDestroyer No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq39.tmp
Adware:Adware/Apropos No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8B.tmp
Adware:Adware/Apropos No disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8C.tmp
Adware:Adware/Look2Me No disinfected C:\Temp\Installer.exe
Adware:Adware/WUpd No disinfected C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\casino.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\dating.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\drugs.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\fav.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\virus.bmp
Adware:Adware/EliteBar No disinfected C:\WINDOWS\etb\pokapoka62.exe
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\etb\xml\images\casino.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\etb\xml\images\dating.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\etb\xml\images\drugs.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\etb\xml\images\fav.bmp
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\etb\xml\images\virus.bmp
Adware:Adware/EliteBar No disinfected C:\WINDOWS\etb\xud_62.dll
Adware:Adware/Apropos No disinfected C:\WINDOWS\system32\cdmtedit.exe
Adware:Adware/ClkOptimizer No disinfected C:\WINDOWS\system32\datadx.dll
Adware:Adware/ConsumerAlertSystemNo disinfected C:\WINDOWS\system32\dist001.exe
Adware:Adware/ClkOptimizer No disinfected C:\WINDOWS\system32\dkede.dll
Adware:Adware/ClkOptimizer No disinfected C:\WINDOWS\system32\fwkfkag.dll
Adware:Adware/PsGuard No disinfected C:\WINDOWS\system32\intel32.exe
Spyware:Spyware/SafeSurf No disinfected C:\WINDOWS\system32\jfmodlaa.dll
Spyware:Spyware/SafeSurf No disinfected C:\WINDOWS\system32\lanbrup.exe
Adware:Adware/BigTrafficNet No disinfected C:\WINDOWS\system32\nslE.dll
Adware:Adware/BigTrafficNet No disinfected C:\WINDOWS\system32\nsm918.dll
Adware:Adware/QuickWeb No disinfected C:\WINDOWS\system32\ntfsnlpa.exe
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\system32\PSof1.exe
Adware:Adware/Findspy No disinfected C:\WINDOWS\system32\rdsndin.exe
  • 0

Advertisements


#2
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Please go here:

http://www.geekstogo..._Log-t2852.html

Run all the programmes as advised then post a current Hijack This Log to the Malware Team
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP