Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot access regedit [RESOLVED]


  • This topic is locked This topic is locked

#1
Ash160480

Ash160480

    New Member

  • Member
  • Pip
  • 3 posts
Hi,

I'm in a bit of a fix. I can't seem to access regedit or sysedit. All I get is a dos prompt and a error message saying :

"the system file is not suitable for running MS-DOS and microsoft windows applicatoin 'close' to terminate the application"

I've ran microsoft antispyware and i've got ewido running at present. I'm not sure what the problem is or if its serious but i'm worried all the same.

Can someone offer some help please?

Thanks in advance.



Logfile of HijackThis v1.99.1
Scan saved at 12:04:21, on 05/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUMENTS AND SETTINGS\ASH\DESKTOP\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0

\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180searchassistant\saishook.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001

\en-us\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-

us\msntb.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON

Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180searchassistant\sais.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0

\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74CC0B7-5958-48C3-A14F-80C85A3D13CB}: NameServer = 205.188.146.145
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5

Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia

Shared\Service\Macromedia Licensing.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security

Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe






---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:50:45, 05/10/2005
+ Report-Checksum: B405280E

+ Scan result:

HKLM\SOFTWARE\YourSiteBar -> Spyware.ISTBar : Error during cleaning
HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Spyware.ISTBar : Error during cleaning
HKLM\SOFTWARE\YourSiteBar\Historystring -> Spyware.ISTBar : Error during cleaning
HKU\S-1-5-21-3395209488-3651673726-2379787865-1006\Software\IST -> Spyware.ISTBar : Cleaned with backup
C:\Documents and Settings\All Users\Application Data\SecTaskMan\bargains.exe.q_1B52E004_q -> Spyware.BargainBuddy : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\pscqbdgy.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Linkbuddies : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Ash\Application Data\Mozilla\Firefox\Profiles\qwthy461.ash\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Ash\Cookies\ash@122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ash\Cookies\ash@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Ash\Local Settings\Temp\jfgudk.exe -> TrojanDownloader.IstBar.lq : Cleaned with backup
C:\Documents and Settings\Ash\Local Settings\Temporary Internet Files\Content.IE5\E1GU2ZJE\istdownload[1].exe -> TrojanDownloader.IstBar.lq : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Praskash\Application Data\Mozilla\Firefox\Profiles\ktipqpj5.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Praskash\aw.exe -> Worm.Wupeer.a : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@adviva[1].txt -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@bfast[1].txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@counter15.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@ehg-hotgroup.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@linksynergy[1].txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@targetnet[1].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Cleaned with backup
C:\Documents and Settings\Praskash\Cookies\praskash@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\180sainstallersilsais1.exe/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\180sainstallersilsais1.exe/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\bb.exe -> TrojanDownloader.Adload.a : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\Del77.tmp -> TrojanDownloader.Small.asf : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\jfghjfgudk.exe -> TrojanDownloader.IstBar.lq : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\optimize.exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\res78.tmp -> Spyware.180Solutions : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temp\sidefind.exe -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\1CR9GNAY\optimize[1].exe -> TrojanDownloader.Dyfuca.ei : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\1CR9GNAY\sidefind[1].exe -> TrojanDownloader.IstBar.jm : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\istsvc[1].exe -> TrojanDownloader.IstBar : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\SAcc.prod.v1110.07sep2005.exe[1].cbb24cb3f875a3f41512d11e2ae33ba7 -> Spyware.SurfAccuracy : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\sidefind13[1].dll -> Spyware.SideFind : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\stubinstaller5041[1].ex_ -> TrojanDownloader.Small.asf : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\wm[1].exe -> Worm.Wupeer.a : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\2H6752PO\ysb[1].dll -> Spyware.YourSiteBar : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\50EZ9PZI\istrecover[1].exe -> TrojanDownloader.IstBar.ij : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\50EZ9PZI\nem220[1].dll -> TrojanDownloader.Dyfuca : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\50EZ9PZI\power_remove[1].exe -> TrojanDownloader.IstBar.gi : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\50EZ9PZI\sacc_remove[1].exe -> Spyware.SurfAccuracy : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\50EZ9PZI\sfbho13[1].dll -> Spyware.SideFind : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\QFI38ZE1\bb[1].exe -> TrojanDownloader.Adload.a : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\QFI38ZE1\istdownload[1].exe -> TrojanDownloader.IstBar.lq : Cleaned with backup
C:\Documents and Settings\Praskash\Local Settings\Temporary Internet Files\Content.IE5\QFI38ZE1\powerscan[1].exe -> Spyware.PowerScan : Cleaned with backup
C:\Documents and Settings\Praskash\Start Menu\Programs\Power Scan -> Spyware.PowerScan : Cleaned with backup
C:\Documents and Settings\Praskash\Start Menu\Programs\Power Scan\Power Scan.lnk -> Spyware.PowerScan : Cleaned with backup
C:\Program Files\180searchassistant -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180searchassistant\saisau.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180searchassistant\sais_gdf.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180searchassistant\sais_kyf.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Media Access -> Adware.MediaAccess : Cleaned with backup
C:\Program Files\Media Access\Info.txt -> Adware.MediaAccess : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B882E4C3-E3BB-4B00-B315-0B7370\1B13E4BA-287F-410A-9F49-DDDF15 -> Spyware.SideFind : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C9159892-D841-4738-A031-058773\AEFEB1FC-512E-416F-923B-F1D485 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C9159892-D841-4738-A031-058773\D1AB4DAD-4388-42A6-A08E-64B607 -> Spyware.BargainBuddy : Cleaned with backup
C:\Program Files\Mozilla Firefox\plugins\npzango.dll -> Spyware.WinAD : Cleaned with backup
C:\Program Files\SurfAccuracy -> Adware.SurfAccuracy : Cleaned with backup
C:\Program Files\SurfAccuracy\SAcc.cfg -> Adware.SurfAccuracy : Cleaned with backup
C:\Program Files\SurfAccuracy\SAccU.exe -> Adware.SurfAccuracy : Error during cleaning
C:\Program Files\winupdates\a.tmp -> Worm.VB.an : Cleaned with backup
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc100.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1001.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1002.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1003.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1004.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1007.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1008.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1009.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc101.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1010.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1011.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1012.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1013.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1014.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1015.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1016.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1017.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1018.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1019.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc102.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1020.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1021.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1022.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1023.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1024.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1025.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1026.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1027.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1028.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1029.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc103.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1030.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1031.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1032.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1033.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1034.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1035.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1036.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1037.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1038.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1039.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc104.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1040.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1041.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1042.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1043.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1044.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1045.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1046.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1047.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1048.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1049.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc105.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1050.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1051.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1052.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1053.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1054.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1055.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1056.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1057.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc1058.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc106.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc107.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc108.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc109.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc110.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\RECYCLER\S-1-5-21-3395209488-3651673726-2379787865-1006\Dc111.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:
  • 0

Advertisements


#2
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi and welcome Ash160480

Please go to Add/Remove programs and remove the following please

winupdates
Media Access
SurfAccuracy
180searchassistant


Restart your computer

Next

Please restart HJT put a check next to the following, close all open windows and click “Fix Checked”

O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [winupdate] C:\Program Files\winupdate\winupdate.exe /auto
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180searchassistant\sais.exe




Next Reboot into SAFE MODE
Search for and delete the Folders highlighted in blue, Files highlighted in BOLD

C:\Program Files\winupdates\
C:\Program Files\Media Access\
C:\Program Files\SurfAccuracy\
c:\program files\180searchassistant\

Restart your computer, Post back a fresh log please
  • 0

#3
Ash160480

Ash160480

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi ya, here is the new log.


Logfile of HijackThis v1.99.1
Scan saved at 16:05:39, on 05/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ash\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180searchassistant\saishook.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A74CC0B7-5958-48C3-A14F-80C85A3D13CB}: NameServer = 205.188.146.145
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
  • 0

#4
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Have HJT fix this
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180searchassistant\saishook.dll (file missing)


reboot post back a fresh HJT log please,

How is the computer running now ?
  • 0

#5
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP