Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"Your system is infected!" [RESOLVED]


  • This topic is locked This topic is locked

#1
gr8deadfan

gr8deadfan

    Member

  • Member
  • PipPip
  • 10 posts
Hello All,

I have the infamous "Your System Is Infected!" background, spelling errors and all. I have tried to rid my computer of this (by reading other posts here with the same issue) to no avail.

In total I have 3 problems:

1. "Your System Is Infected!" wallpaper
2. Unable to cut, copy or paste within Mozilla Firefox
3. Widows "XP style" taskbar now looks like a Windows 98 taskbar

I believe I am responsible for #3 as it was a direct result of me trying to fix #1. :tazz: Please let me know if this is a different issue and requires its own topic.

I have the following already downloaded and have run varoius combinations of all already:

CCleaner
CWShreder
CleanUp!
AdAware SE
LSPFix
LQfix
HSfix
Killbox
AboutBuster

Any help is appreciated. HJT log is attached.

Thanks!!!

Edited by gr8deadfan, 24 October 2005 - 06:31 PM.

  • 0

Advertisements


#2
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Anyone? Bueller? Bueller.....
  • 0

#3
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
$20 to the first person that can fix all three things listed above.

Attached is a fresh HJT log.

Attached Files


  • 0

#4
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
I'm working on your log, as soon as another staff member reviews it I'll post a reply. Thank you for your patience.

In the mean time please POST a Hijackthis log HERE as a reply by clicking the 'add reply' button.
  • 0

#5
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Leena,

Thank you. I was unable to paste the other day. Looks like I can now...


Logfile of HijackThis v1.99.1
Scan saved at 6:16:36 PM, on 10/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\System32\hkcmd.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS2\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe
C:\WINDOWS2\BCMSMMSG.exe
C:\WINDOWS2\System32\rundll32.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\SlimServer\SlimTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS2\System32\wuauclt.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_director.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\D-Link AirPlus\AIRPLUS.EXE
C:\WINDOWS2\System32\sysvcs.exe
C:\Program Files\SlimServer\server\slim.exe
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe
C:\Program Files\Password Safe\pwsafe.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Owner.ALAN-DESKTOP\Desktop\Spyware removal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS2\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS2\System32\hkcmd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS2\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS2\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [wupd] C:\WINDOWS2\System32\symcsvc.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: Deubox Manager.lnk = C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: D-Link AirPlus Utility.lnk = ?
O4 - Global Startup: SlimServer Tray Tool.lnk = C:\Program Files\SlimServer\SlimTray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS2\System32\shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS2\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS2\System32\HPHipm11.exe
O23 - Service: SlimServer (slimsvc) - Unknown owner - C:\Program Files\SlimServer\server\slim.exe

Edited by gr8deadfan, 28 October 2005 - 04:17 PM.

  • 0

#6
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet.

To Get rid of NewDotNet, go to:

Start > Control Panel > Add or Remove Programs and remove the following:

New.Net Applications or New.Net Domains (anything that says New.Net)

If it is not there, go here and follow Procedure 4: NewDotNet Removal Procedure 4.

In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.

Post a new Hijackthis Log, after.
  • 0

#7
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Leena,

I removed the new.net, but I don't think that was related to my main problem. Here is a current HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 8:35:11 PM, on 10/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\System32\hkcmd.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS2\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe
C:\WINDOWS2\BCMSMMSG.exe
C:\Program Files\Logitech\Video\ManifestEngine.exe
C:\WINDOWS2\System32\symcsvc.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\D-Link AirPlus\AIRPLUS.EXE
C:\Program Files\SlimServer\SlimTray.exe
C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS2\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS2\System32\wuauclt.exe
C:\Documents and Settings\Owner.ALAN-DESKTOP\Desktop\Spyware removal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS2\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS2\System32\hkcmd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS2\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS2\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [wupd] C:\WINDOWS2\System32\symcsvc.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Startup: Deubox Manager.lnk = C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: D-Link AirPlus Utility.lnk = ?
O4 - Global Startup: SlimServer Tray Tool.lnk = C:\Program Files\SlimServer\SlimTray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS2\System32\shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS2\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS2\System32\HPHipm11.exe
O23 - Service: SlimServer (slimsvc) - Unknown owner - C:\Program Files\SlimServer\server\slim.exe

I still have the "blue screen" as my wallpaper

Thanks,

~Alan
  • 0

#8
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
I know what issues you are having, but as you can tell from your last log you were hijacked by news.net, and that was one issue that I wanted outta the way. I've noted your problems and Ill get through them one by one. Lets Start.

Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.


Please disable SpySweeper, as it may hinder the removal of some entries. You can re-enable it after you're clean.

To disable SpySweeper:

Open it click >Options over to the left then >Program Options >Uncheck "load at windows startup".
Over to the left click "shields" and uncheck all there.
Uncheck "home page shield".
Uncheck "automatically restore default without notification".



Download smitRem.exe and save the file to your desktop.
Double click on the file to extract it to it's own folder on the desktop.

Place a shortcut to Panda ActiveScan on your desktop.

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!

Next, please reboot your computer in SafeMode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.
Now scan with HJT and place a checkmark next to each of the following items and click FIX CHECKED:
===================================================
O4 - HKCU\..\Run: [wupd] C:\WINDOWS2\System32\symcsvc.exe
===================================================

Close HiJackThis.


Find and delete these files (if they are still there):

C:\WINDOWS2\System32\symcsvc.exe

Find and delete these folders (if they are still there):

C:\Program Files\NewDotNet\


Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.


Open Ad-aware and do a full scan. Remove all it finds.


Run Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • NOTE: During some scans with ewido it is finding cases of false positives.
  • You will need to step through the process of cleaning files one-by-one.
  • If ewido detects a file you KNOW to be legitimate, select none as the action.
  • DO NOT select "Perform action on all infections"
  • If you are unsure of any entry found select none for now.
  • When the scan is finished, click the Save report button at the bottom of the screen.
  • Save the report to your desktop
Close Ewido

Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present.

Reboot back into Windows and click the Panda ActiveScan shortcut.
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log by using Add Reply.
Let us know if any problems persist.
  • 0

#9
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Leena,

Thank you, the wallpaper has been restored to normal. Here are the current scans and logs:

Logfile of HijackThis v1.99.1
Scan saved at 12:06:18 PM, on 10/29/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Documents and Settings\Owner.ALAN-DESKTOP\Desktop\Spyware removal\security suite\ewidoctrl.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\System32\hkcmd.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS2\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS2\BCMSMMSG.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\D-Link AirPlus\AIRPLUS.EXE
C:\Program Files\SlimServer\SlimTray.exe
C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS2\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.ALAN-DESKTOP\Desktop\Spyware removal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS2\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS2\System32\hkcmd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS2\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS2\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~1\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Deubox Manager.lnk = C:\Program Files\Red Chair Software\Deubox Explorer\deumgr.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: D-Link AirPlus Utility.lnk = ?
O4 - Global Startup: SlimServer Tray Tool.lnk = C:\Program Files\SlimServer\SlimTray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS2\System32\shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS2\SYSTEM32\igfxsrvc.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\Owner.ALAN-DESKTOP\Desktop\Spyware removal\security suite\ewidoctrl.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS2\System32\HPHipm11.exe
O23 - Service: SlimServer (slimsvc) - Unknown owner - C:\Program Files\SlimServer\server\slim.exe


smitRem © log file
version 2.7

by noahdfear

The current date is: Sat 10/29/2005
The current time is: 10:24:35.92

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~

SpySheriff


~~~ Shortcuts ~~~

Install.dat


~~~ Favorites ~~~



~~~ system32 folder ~~~

zlbw.dll


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~

desktop.html


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~



winstall.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :tazz:


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:33:00 AM, 10/29/2005
+ Report-Checksum: 86E6E014

+ Scan result:

C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-72964775.class -> TrojanDownloader.Small.wv : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.340:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.341:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.343:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
:mozilla.347:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Firefox\Profiles\zqahlql0.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Cqcounter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner.ALAN-DESKTOP\Application Data\Mozilla\Profiles\default\zp8keqa4.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup
C:\Program Files\Common Files\Sony Shared\Visualizer\ExlGen.dll -> Dialer.Generic : Cleaned with backup
C:\RECYCLER\S-1-5-21-1644491937-1645522239-725345543-1003\Dc1.exe -> Trojan.Crypt.c : Cleaned with backup
C:\sys.exe -> Trojan.WebSearch.j : Cleaned with backup
C:\sys201433447.exe -> TrojanDownloader.Small.aub : Cleaned with backup
C:\sys214076805.exe -> TrojanDropper.Agent.ii : Cleaned with backup
C:\WINDOWS2\NDNuninstall6_38.exe -> Spyware.NewDotNet : Cleaned with backup
C:\WINDOWS2\ssmc.dll -> TrojanDropper.Small.aev : Cleaned with backup
C:\WINDOWS2\system32\csrsss.exe -> Trojan.PdPinch : Cleaned with backup
C:\WINDOWS2\system32\cssrs.exe -> TrojanSpy.PdPinch : Cleaned with backup
C:\WINDOWS2\system32\rand.exe -> Trojan.Lopata : Cleaned with backup
C:\WINDOWS2\system32\sysvcs.exe -> Trojan.Crypt.l : Cleaned with backup
C:\WINDOWS2\system32\win32.exe -> Trojan.Lopata : Cleaned with backup
C:\WINDOWS2\system32\~update.exe -> Trojan.Crypt.l : Cleaned with backup
C:\WINDOWS2\vr_sys.dll -> TrojanSpy.LdPinch.os : Cleaned with backup


::Report End


Incident Status Location

Adware:Adware/Startpage.JU No disinfected C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-7e94cc83.zip[Beyond.class]
Adware:Adware/Startpage.JU No disinfected C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-7e94cc83.zip[winmodem.exe]
Adware:Adware/Startpage.JK No disinfected C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-7e94cc83.zip[rundll32.exe]
Adware:Adware/StartPage.gen No disinfected C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\Counters.jar-18227042-76ff8eeb.zip[web.exe]
Virus:Trj/Shinwow.E Disinfected C:\Documents and Settings\Alan Rickert\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\showbanner.jar-228e1fd-4e4a966f.zip[Beyond.class]
Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\SYSTEM32\P2P Networking\MARSHAL.DLL
Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\SYSTEM32\P2P Networking v123.cpl
Spyware:Spyware/New.net No disinfected C:\WINDOWS2\NDNuninstall6_90.exe
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS2\system32\drivers\etc\hosts
Virus:Bck/Mxaccs.A Disinfected C:\WINDOWS2\v_sys.dll


The only item that remains is that eventhough I am running Windows XP, I only have "Windows Classic Style" as an option for the display of my windows and task bar. I think that I somehow did this when trying to remove the other problem myself. Should I start a new topic for this?

Thanks again,

~Alan
  • 0

#10
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
Hi,

Things are looking better. No need to start another topic. Like I said, I'll work through all your problems here in this thread till they're solved. :tazz:

First, let's get rid of those files that active scan found then we will get to the XP issue.



1) Please download the Killbox.
Unzip it to the desktop but do NOT run it yet.

2) Then please reboot into Safe Mode by restarting your computer and pressing F8 as your computer is booting up. Then select the Safe Mode option.

3) Once in Safe Mode, please run Killbox.

4) Select "Delete on Reboot".

5) Open the text file with these instructions in it, and copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\SYSTEM32\P2P Networking\MARSHAL.DLL
C:\WINDOWS\SYSTEM32\P2P Networking v123.cpl
C:\WINDOWS2\NDNuninstall6_90.exe

6) Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

7) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again..

Let the system reboot.


Now, Download Luna: http://greyknight17.com/spy/luna.zip

Unzip it to your desktop. Then using windows explorer MOVE the luna.msstyles to this folder:

C:\WINDOWS\Resources\Themes\Luna

Don't move it to anywhere other than that folder! *NOTE* luna.msstyles may still be there, but it needs to be replaced with this one.

When you have moved it there, rightclick on your desktop > properties and look to see if Windows XPstyle is now present. Choose apply and OK.

If not, reboot then try to select Windows XPstyle.


How are things running?
  • 0

Advertisements


#11
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Leena,

I have run Killbox from Safe mode and that seemed to go well. I also downlaoded Luna and put it in the proper folder, replacing the one that was there. The XP "theme" (wallpaper, ect...) is available in themes, but the windows and taskbar are still only available in classic in the "Appearance" tab I rebooted twice after the Kilbox app.

Thanks

~Alan
  • 0

#12
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
Can you see the luna folder?
C:\WINDOWS\Resources\Themes\Luna

If so:

Go to Start - run
Type “C:” press enter
Type “cd \windows\resources\themes\luna” press enter
Type “luna.msstyles” press enter
A box will appear (display properties)
Press 'apply' and "ok"
  • 0

#13
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Wow!! It works now! What was the issue that caused it to disapear like that?

Thank you so much for everything yesterday and today. Please let me know how I can pay you the $20.

Thanks again,

~Alan
  • 0

#14
Maiestas

Maiestas

    eh...

  • Retired Staff
  • 1,481 posts
Excellent! No need, I do this voluntarily :tazz:
Glad to have helped.

We have a couple of last steps to perform and then you're all set.

First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
* CHECK the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Next, let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard to catch and block spyware before it can execute.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
You should also have a good firewall. Here are 3 free ones available for personal use:and a good antivirus (these are also free for personal use):It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit monthly. And to keep your system clean run these free malware scanners weekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place?

Have a safe and happy computing day!
  • 0

#15
gr8deadfan

gr8deadfan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Lenna,

I have reset the system restore and re-hidden the files.

Thank you again so much for your help and advice!!!

~Alan
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP