Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Freepod.com


  • Please log in to reply

#1
TBTSweety05

TBTSweety05

    New Member

  • Member
  • Pip
  • 9 posts
I need help desperately with my computer. Someone sent me a link on AIM and I clicked on it since I thought it was from my friend. Now my computer is going so slow. I've gone through the process with the clean up and ad-aware steps. The virus is still here. Whenever I sign on AIM it sends the virus to everyone on my buddy list. I've also tried uninstalling AIM and reinstalling it but I'm still having the same problem. Please! HELP!! :tazz:
  • 0

Advertisements


#2
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Hi TBTSweety05 and welcome to GeeksToGo!


If you are having malware issues, please got to the following site and follow all the instructions carefully.


You Must Read This Before Posting A Hijackthis Log

this will help you clean up to 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THIS thread.

Thanks,

:tazz:

Excal
  • 0

#3
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
The problem is, I did all the things listed there adn I'm still having problems. I saw in response to another user, who was having the same problems as me, you gave a list of things to do. So I just followed that list. Here's a copy of my ewido and Hijack this log.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:47:35 AM, 10/4/2005
+ Report-Checksum: 37788F3A

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib\\ -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A} -> Spyware.BDE : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}\TypeLib\\ -> Spyware.BrilliantDigital : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\Tldctl2.URLLink\CLSID\\ -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Classes\Tldctl2.URLLink.1\CLSID\\ -> Spyware.NewDotNet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\DelFin -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\DelFin\PromulGate -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Homeland Network -> Spyware.Homelandnetwork : Cleaned with backup
HKLM\SOFTWARE\Homeland Network\CONFIG -> Spyware.Homelandnetwork : Cleaned with backup
HKLM\SOFTWARE\Homeland Network\UPDATE -> Spyware.Homelandnetwork : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ActiveInstall.dll\\.Owner -> Spyware.DownloadWare : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ActiveInstall.dll\\{EB6AFDAB-E16D-430B-A5EE-0408A12289DC} -> Spyware.DownloadWare : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DelFin Media Viewer -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaLoads Enhanced -> Spyware.Downloadware : Cleaned with backup
HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\DNS -> Adware.Shorty : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\RX Toolbar -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\Updater -> Spyware.KeenValue : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Munir Burney\Application Data\Mozilla\Profiles\default\z1k3rh0n.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Munir Burney\Application Data\Mozilla\Profiles\default\z1k3rh0n.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Munir Burney\Application Data\Mozilla\Profiles\default\z1k3rh0n.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\Default User\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.343:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.357:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.358:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.359:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.360:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.384:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Sabah\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0F.dat/files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\Program Files\CdmFiles\assckkklgg.dll -> Spyware.SmartPops : Cleaned with backup
C:\Program Files\Common Files\system32.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\Program Files\COMPAQ\Netscape Custom NA XP\Plugins\npwthost.dll -> Spyware.WildTangent : Cleaned with backup
C:\Program Files\InetGet\Adperform180safull.exe -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Juno\bin\getjuno.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Program Files\MediaLoads\v1\ML.exe -> Spyware.DownloadWare : Cleaned with backup
C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE -> Spyware.MyWay : Cleaned with backup
C:\Program Files\
  • 0

#4
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I think it's fixed! As far as I know. I signed on to AIM today and it hasn't sent the virus to everyone on my buddy list again...yet. I think it's ok. Do the logs say it's ok?
  • 0

#5
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Download Aimfix to your desktop -Herehttp://jayloden.com/AIMFix.exe

Download and install CleanUp! Here*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.
We will use this program later.

Reboot into safe mode.


Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode

Run the program AimFix.exe

Open up and run Ewido:
  • Click on scanner
  • Click Complete System Scan and the scan will begin.
  • During the scan when it ask if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK
  • When the scan is finished, look at the bottom of the screen and click the Save report button.
  • Save the report to your desktop
Close Ewido

Run the program CleanUp!

Reboot into normal mode and please run this online virus scan: ActiveScan - Save the results from the scan!

Please post the Active scan log, Ewido log and a fresh HiJackThis log. Let me know how your computer is running.
  • 0

#6
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I was having trouble wtih the active scan. I loaded it but nothing happened. I don't know why...here's the ewido log and the new hijack this log

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:18:27 PM, 10/4/2005
+ Report-Checksum: A5CA6F73

+ Scan result:

HKLM\SOFTWARE\Homeland Network -> Spyware.Homelandnetwork : Cleaned with backup
HKLM\SOFTWARE\Homeland Network\CONFIG -> Spyware.Homelandnetwork : Cleaned with backup
HKLM\SOFTWARE\Homeland Network\UPDATE -> Spyware.Homelandnetwork : Cleaned with backup
HKU\S-1-5-21-3978503659-2693076698-917563655-1009\Software\DNS -> Adware.Shorty : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Sabah\Application Data\Mozilla\Firefox\Profiles\default.t8y\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Sabah\Cookies\sabah@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Sabah\Cookies\sabah@internetfuel[1].txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
C:\Documents and Settings\Sabah\Local Settings\Temporary Internet Files\Content.IE5\5HJ8ITTM\maxifilesdns[1].zip/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\Program Files\Common Files\system32.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\Program Files\DNS\gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318101.exe -> Trojan.EliteBar.d : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318103.dll -> Trojan.EliteBar.d : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318470.dll -> Spyware.SmartPops : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318471.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318472.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318473.exe -> Spyware.WinAD : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318474.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318475.exe -> Spyware.DownloadWare : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318476.EXE -> Spyware.MyWay : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318477.DLL -> Spyware.MyWay : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318478.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318479.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318480.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318482.exe -> Spyware.SurfAccuracy : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318483.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318484.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318485.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318486.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318487.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318488.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318489.exe -> Spyware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318490.exe -> Adware.BrilliantDigital : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318491.dll -> Spyware.SmartPops : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318492.exe -> Spyware.SmartPops : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318493.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318494.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318495.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318496.dll -> Spyware.WildTangent : Cleaned with backup
C:\System Volume Information\_restore{8238BFE6-44BD-4B25-B0F7-CE65B3815CC9}\RP433\A2318497.dll -> Spyware.WildTangent : Cleaned with backup


::Report End


Logfile of HijackThis v1.99.1
Scan saved at 6:35:21 PM, on 10/4/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HomelandNetwork\HomelandNetwork.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Creative\ShareDLL\MEDIADET.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ezwebsearching.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presari...&c=1c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Homeland Network] "C:\Program Files\HomelandNetwork\HomelandNetwork.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB0_0_0
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-110-12-0000080.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Advisor - {725EE957-17A7-463F-B8CD-8322FF3C173B} - C:\Program Files\COMPAQ\Compaq Advisor\bin\rbaLauncher.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=1c02&lc=0409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...n/GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weat...uginstaller.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
  • 0

#7
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...&DisplayLang=en
Apply the update, reboot, and post a fresh Hijack This log.
  • 0

#8
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Everytime I attempt to install the service pack 1a, my computer stops at Inspecting your current configuration. It just wont go past that...what should i do now?
  • 0

#9
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Please go HERE (Microsoft website) using Internet Explorer (not Firefox or any other browser as they won't work)
  • Click on Windows Validation Assistant
  • Click on the Validate Now button.
  • Be patient while the ActiveX loads, do not click on any links.
  • Read the instructions on this page while it's loading. You will be prompted to install - click YES.
  • Enter your product key then click continue
  • When it says "Validation Complete" please click Continue to return to your previous activity
  • Copy what it says and paste it here.

  • 0

#10
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
After I rebooted my computer again I was able to install it...sorry about that. Here's the hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 10:25:09 AM, on 10/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Creative\ShareDLL\MEDIADET.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HomelandNetwork\HomelandNetwork.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ezwebsearching.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presari...&c=1c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Homeland Network] "C:\Program Files\HomelandNetwork\HomelandNetwork.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB0_0_0
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-110-12-0000080.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Advisor - {725EE957-17A7-463F-B8CD-8322FF3C173B} - C:\Program Files\COMPAQ\Compaq Advisor\bin\rbaLauncher.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=1c02&lc=0409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...n/GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weat...uginstaller.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
  • 0

Advertisements


#11
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Uninstall SpyKiller from the add/remove list in control panel. It is not a trusted antispyware program
http://www.spywarewa...nti-spyware.htm

A malicious .DLL file is disrupting the LSP chain on your computer. We need to get rid of it.

1. Please download LSPFix from here.
2. Run the LSPFix.exe that you have just finished downloading.
3. Check the I know what I'm doing box.
4. In the Keep box you should see one or more instances of newdotnet6_38.dll
5. Select every instance of newdotnet6_38.dll and move each one to the Remove box by clicking the >> button.
6. When you are done click Finish>>.
7. Reboot and please post a fresh HiJackThis log.
  • 0

#12
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I went into the add/remove programs section of control panel and I didn't see any spykiller. There was also only one of the newdot files when i ran the LSPFix. Here's the new hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 5:05:38 PM, on 10/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Creative\ShareDLL\MEDIADET.EXE
C:\Program Files\HomelandNetwork\HomelandNetwork.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ezwebsearching.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ezwebsearching.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presari...&c=1c02&lc=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://store.presari...&c=1c02&lc=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar_en_2.0.107-deleon.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Homeland Network] "C:\Program Files\HomelandNetwork\HomelandNetwork.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [DNS] C:\Program Files\Common Files\mc-110-12-0000080.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Advisor - {725EE957-17A7-463F-B8CD-8322FF3C173B} - C:\Program Files\COMPAQ\Compaq Advisor\bin\rbaLauncher.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=1c02&lc=0409
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...n/GoogleNav.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weat...uginstaller.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
  • 0

#13
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Newdotnet has reared its ugly head again.

First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet.

To Get rid of NewDotNet, go to:

Start > Control Panel > Add or Remove Programs and remove the following:

New.Net Applications or New.Net Domains (anything that says New.Net)

If it is not there,Please run the following tool, NewDotNet Removal tool.

(ONLY if you can't find the New.Net in Add/Remove programs).

In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet.. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.

Please post back a fresh HiJackthis log.
  • 0

#14
TBTSweety05

TBTSweety05

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I just went to the add/remove programs section and it says that new.net has already been removed. Should I use the link u provided now to remove it?
  • 0

#15
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Yes
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP