Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems installing SP2

Started by jaimejd007 , Feb 14 2006 09:01 PM

  • Please log in to reply

#1
jaimejd007
Posted 14 February 2006 - 09:01 PM

jaimejd007

    Member

  • Member
  • PipPipPip
  • 112 posts
For a while now, I've been having problems with my services and other stuff. I've scanned my computer many times with Spybot: Search & Destroy and Ad-Aware SE. I've also scanned it with ewido, AVG Anti-virus and Trend Housecall's online scanner. I've cleaned/deleted all I've found. I also scanned the computer with TrojanHunter, and Spyware Doctor. I have Spyware Blaster installed. After all that, I still got problems. I installed SP2 and it wouldn't work. The Service Center wouldn't launch and it said it was because the service hadn't started. I went to my services list and tried starting it myself, no luck. So yeah...any suggestions?

----
ewido log
----
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 6:42:17 AM, 2/14/2006
+ Report-Checksum: A70F835E

+ Scan result:

:mozilla.45:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.95:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.96:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.97:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.98:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.99:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.101:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.146:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.181:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.182:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.190:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.191:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.192:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.193:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.194:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.195:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.196:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.197:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.198:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.199:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.200:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.201:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.202:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.203:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.204:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.205:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.206:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.207:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.208:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.209:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.210:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.211:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.212:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.213:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.214:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.215:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.216:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.217:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.218:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.219:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.220:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.221:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.222:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.223:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.224:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.225:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.226:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.227:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.228:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.229:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.230:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.231:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.232:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.233:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.234:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.235:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.236:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.237:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.238:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.239:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.256:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.257:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.258:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.259:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.260:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.261:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.275:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.301:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.303:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.304:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.305:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.323:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.325:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.328:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.329:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.330:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.331:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.332:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.333:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.334:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.335:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.336:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.342:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.351:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.353:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.354:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.355:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.356:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.357:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.358:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.391:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.459:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.460:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.461:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.462:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.463:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.464:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.465:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.466:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.467:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.468:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.469:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.470:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.471:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.472:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.473:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.474:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.475:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.476:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.477:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.478:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.479:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.480:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.481:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.482:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.483:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.484:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.485:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.486:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.487:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.488:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.489:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.490:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.491:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.492:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.493:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.494:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.495:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.496:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.497:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.498:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.499:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.500:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.501:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.502:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.503:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.504:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.505:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.506:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.507:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.508:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.512:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.516:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.517:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.518:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.519:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.520:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.521:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.522:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.523:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.524:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.534:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.535:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.567:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.575:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.583:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.590:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.591:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.616:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.617:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.618:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.715:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.730:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.731:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.744:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.759:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.760:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.761:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.762:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.763:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.773:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.775:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.776:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.790:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.791:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.792:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.804:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Ne : Cleaned with backup
:mozilla.809:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.825:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.826:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.827:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.828:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.829:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.874:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.878:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.928:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.942:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.943:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.944:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.945:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.69:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.127:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.128:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.129:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.146:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.220:C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup


::Report End

---
HijackThis! log
---
Logfile of HijackThis v1.99.1
Scan saved at 9:53:30 PM, on 2/14/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\SPYWAR~2\swdoctor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HoverSnap v08\HoverSnap.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\jaimejd007\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O1 - Hosts: comments (such as these) may be inserted on individual
O1 - Hosts: 202.85.164.51 www.mirkx.com
O1 - Hosts: 202.85.164.51 mirkx.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DFE3772-E638-7B9E-8155-12557EF3204D} - C:\WINDOWS\system32\tha.dll (file missing)
O2 - BHO: (no name) - {3A971BD0-F778-C5C0-0410-848EAE40A460} - (no file)
O2 - BHO: (no name) - {47AE3C28-E416-59CC-DB56-6C550FA0266E} - C:\WINDOWS\System32\ses.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRA~1\SPYWAR~2\swdoctor.exe /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: HoverSnap.lnk = C:\Program Files\HoverSnap v08\HoverSnap.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O15 - Trusted Zone: www.myspace.com
O15 - Trusted Zone: *.myspace.com
O15 - Trusted Zone: http://*.myspace.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1129084557421
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DC8C0AE-7C1E-4263-9EFE-8F9DE52348F5}: NameServer = 65.32.5.74,65.32.5.76
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/MySQL/bin/mysqld-nt.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
--------------------------

Thanks in advance,
-jaimejd007
  • 0

Advertisements

#2
didom
Posted 16 February 2006 - 07:55 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Step #1

Scan again with HijackThis and check the following items:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: comments (such as these) may be inserted on individual
O1 - Hosts: 202.85.164.51 www.mirkx.com
O1 - Hosts: 202.85.164.51 mirkx.com

O2 - BHO: (no name) - {1DFE3772-E638-7B9E-8155-12557EF3204D} - C:\WINDOWS\system32\tha.dll (file missing)
O2 - BHO: (no name) - {3A971BD0-F778-C5C0-0410-848EAE40A460} - (no file)
O2 - BHO: (no name) - {47AE3C28-E416-59CC-DB56-6C550FA0266E} - C:\WINDOWS\System32\ses.dll (file missing)

O15 - Trusted Zone: www.myspace.com
O15 - Trusted Zone: *.myspace.com
O15 - Trusted Zone: http://*.myspace.com
After checking these items, close all browser windows except HijackThis and click "Fix checked".

Then reboot your computer.

Step #2

Download The Hoster
  • Unzip hoster to an own folder (C:\Hoster)
  • Start Hoster.exe
  • Click 'Restore Original Hosts' and click OK.
  • Close the program.
Step #3

Download: DelDomains.inf
  • Locate DelDomains.inf
  • Right-click and select "Install"
Step #4

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
Start HijackThis, perform a new scan and save the log file.

Use the Add Reply button to post your new logs back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.

-----------------------

Does these IP's belong to your ISP/company:

O17 - HKLM\System\CCS\Services\Tcpip\..\{4DC8C0AE-7C1E-4263-9EFE-8F9DE52348F5}: NameServer = 65.32.5.74,65.32.5.76

?
  • 0

#3
jaimejd007
Posted 17 February 2006 - 05:47 AM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Incident Status Location

Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\biini.inf
Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CLASSES_ROOT\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\jaimejd007@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\jaimejd007\Cookies\jaimejd007@realmedia[2].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt[.bravenet.com/]
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt[.ct.360i.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.com.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.realmedia.com/]
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.ask.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.xiti.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.belnk.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.bravenet.com/]
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.did-it.com/]
Spyware:Cookie/go Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.go.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.maxserving.com/]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.target.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.terra.com.br/]
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[.webpower.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[searchportal.information.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Firefox\Profiles\default.4ts\cookies.txt[]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\cookies.txt[]
Virus:W32/Netsky.P.worm Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\Mail\mail.getsuei-anime.com\Inbox[document.txt .exe]
Virus:W32/Netsky.Z.worm Not disinfected C:\Documents and Settings\jaimejd007\Application Data\Mozilla\Profiles\Default User\vjgopyol.slt\Mail\mail.getsuei-anime.com\Inbox[Notice.txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\jaimejd007@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\jaimejd007\Cookies\[email protected][1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\jaimejd007\Cookies\jaimejd007@realmedia[2].txt
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\INF\biini.inf
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\SYSTEM32\??chost.exe
Spyware:Spyware/Bridge Not disinfected C:\WINDOWS\tmpdata.reg
------------
Logfile of HijackThis v1.99.1
Scan saved at 6:45:23 AM, on 2/17/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HoverSnap v08\HoverSnap.exe
C:\PROGRA~1\SPYWAR~2\swdoctor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jaimejd007\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRA~1\SPYWAR~2\swdoctor.exe /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: HoverSnap.lnk = C:\Program Files\HoverSnap v08\HoverSnap.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1129084557421
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DC8C0AE-7C1E-4263-9EFE-8F9DE52348F5}: NameServer = 65.32.5.74,65.32.5.76
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/MySQL/bin/mysqld-nt.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe


I don't know if this is relevant in any way but, just so you know, I added the Mirkx entry to my HOSTS file, and I was the one who added MySpace.com to my trusted sites list. I removed those entries with HijackThis! like you told me anyways, I just thought you should know that I was the one who added them.
-jaimejd007
  • 0

#4
didom
Posted 18 February 2006 - 04:09 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Step #1

Please download Spybot Search & Destroy and AdAware.

Follow all the instructions on this website to run a scan with both of these softwares.

Step #2

We need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Step #3

Reboot Your System in Safe Mode:
  • Restart the computer.
  • As soon as BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #4

Find and delete these files and folders (if they are still there):
C:\WINDOWS\INF\biini.inf
C:\WINDOWS\INF\biini.inf
C:\WINDOWS\tmpdata.reg


Reboot your computer normally.

Step #5

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Step #6

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
Start HijackThis, perform a new scan and save the log file.

Use the Add Reply button to post your new logs back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.
  • 0

#5
jaimejd007
Posted 18 February 2006 - 02:32 PM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Logfile of HijackThis v1.99.1
Scan saved at 3:27:21 PM, on 2/18/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\HoverSnap v08\HoverSnap.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\jaimejd007\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: HoverSnap.lnk = C:\Program Files\HoverSnap v08\HoverSnap.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1129084557421
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DC8C0AE-7C1E-4263-9EFE-8F9DE52348F5}: NameServer = 65.32.5.74,65.32.5.76
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/MySQL/bin/mysqld-nt.exe (file missing)
--------------

So, after this...can I install SP2? Or not yet? Also, about the last post you made asking me if some of the IPs you listed were my ISP's IPs, how do I check that? Also, I don't know if this helps in any way, but I tried installing MySQL on my computer a while back just to experiment with databases and stuff, but I uninstalled it. I say this because I see entry O23 - Service: MySql - Unknown owner - C:/MySQL/bin/mysqld-nt.exe (file missing) in the HijackThis! log. So yeah, do you think I should remove that?

**Panda's ActiveScan log included as attachment.**

Thanks again,
-jaimejd007

Attached Files


  • 0

#6
jaimejd007
Posted 19 February 2006 - 12:05 AM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Oh and BTW, I have to HDDs, right? Well, when I installed the 2nd HDD (this was a while back), I pinned a shortcut of it to my Start Menu. I don't need that anymore so I trying to unpin it by right-clicking on it and hitting "Remove from this list" but that doesn't work. Any suggestions?

**Attached is a screenshot of what I'm talking about**

-jaimejd007

Attached Thumbnails

  • shot2_19_2006_1.05.39_AM.jpg

Edited by jaimejd007, 23 February 2006 - 10:50 PM.

  • 0

#7
didom
Posted 19 February 2006 - 04:40 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Please wait with installing SP-2 untill you are clean! You have to run another malware scan to remove the rest!

This is the "WHOIS information" about the IP

OrgName: Road Runner
OrgID: RRSW
Address: 13241 Woodland Park Road
City: Herndon
StateProv: VA
PostalCode: 20171
Country: US

Looks that familiar?

I don't need that anymore so I trying to unpin it by right-clicking on it and hitting "Remove from this list" but that doesn't work. Any suggestions?

Try going to this folder and delete the shortcut from there: C:\Documents and Settings\your username\Start Menu.

-----------------

Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

Scan again with HijackThis and check the following items:
O23 - Service: MySql - Unknown owner - C:/MySQL/bin/mysqld-nt.exe (file missing)
After checking these items, close all browser windows except HijackThis and click "Fix checked".

Please open Ad-Aware SE.
Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware. Then close Ad-Aware.

Please download ewido anti-malware it is a free version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:

Reboot into Safe Mode, you can do this by restarting your computer, then contiunally tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Open Ad-aware and do a full scan. Remove all it finds.

Run Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.

Reboot into normal mode.

Then, please run this online virus scan: Panda ActiveScan

Save the scan log and post it along with a new HijackThis Log and the Ewido log in your next reply.
  • 0

#8
jaimejd007
Posted 19 February 2006 - 01:19 PM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Yes, Road Runner is my ISP. So yes, I recognize those IPs. Thanks for the WHOIS info, that helped. Oh and I tried the going to C:\Documents and Settings\your username\Start Menu thing, but it didn't work. I guess you didn't understand what I'm trying to remove. Look @ the screenshot, I'm trying to remove the pinned entry called "250GB HDD (D:)".

**I attached the logs for organization and convenience**

Thanks again for all your help,
-jaimejd007

Attached Files


Edited by jaimejd007, 23 February 2006 - 10:51 PM.

  • 0

#9
didom
Posted 19 February 2006 - 01:40 PM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
I'm looking for a solution for your shortcut problem!

Please run Notepad and paste the following text into a new file:

REGEDIT4

[-HKEY_CLASSES_ROOT\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}]

[-HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}]

Save the file to the desktop as fix.reg and make sure the "Save as Type" field says "All Files".
This is how the reg file must look afterwards: Posted Image

Then please go to the desktop and double-click on fix.reg, and click Yes to merge it with the registry.

Then reboot your computer.

We need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Reboot Your System in Safe Mode:
  • Restart the computer.
  • As soon as BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Find and delete these files and folders (if they are still there):
C:\WINDOWS\SYSTEM32\??chost.exe <= this one has two strange looking things in the name! Make sure you DON'T delete svchost.exe!

Reboot your computer normally.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Reboot your computer again.

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
Start HijackThis, perform a new scan and save the log file.

Use the Add Reply button to post your new logs back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.
  • 0

#10
didom
Posted 19 February 2006 - 03:59 PM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Addition:

Oh and I tried the going to C:\Documents and Settings\your username\Start Menu thing, but it didn't work. I guess you didn't understand what I'm trying to remove. Look @ the screenshot, I'm trying to remove the pinned entry called "250GB HDD (D:)".

Go to this folder:

C:\Documents and Settings\Your Username\Application Data\Microsoft\Internet Explorer\Quick Launch

There you'll see the "250GB HDD (D:)" icon. Try to delete it from there!
  • 0

Advertisements

#11
jaimejd007
Posted 19 February 2006 - 11:15 PM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

Addition:

Go to this folder:

C:\Documents and Settings\Your Username\Application Data\Microsoft\Internet Explorer\Quick Launch

There you'll see the "250GB HDD (D:)" icon. Try to delete it from there!


It's not there either. That's where my Quicklaunch icons are. Here, take a look at this screenshot.

-jaimejd007

Attached Thumbnails

  • shot2_20_2006_12.14.10_AM.jpg

Edited by jaimejd007, 23 February 2006 - 10:51 PM.

  • 0

#12
didom
Posted 20 February 2006 - 05:50 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Mm... :tazz:

Please first follow the instructions provided here: http://www.geekstogo...ndpost&p=571053

I'll see if I can find a solution!
  • 0

#13
jaimejd007
Posted 20 February 2006 - 09:42 AM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
I merged that entry you gave me to my registry as a .reg file. Then I made my hidden files show and I restarted my computer in Safe Mode. I found two svchost.exe files. But I'm sure one of them is a virus. Why? Because when I make Windows sort the files by name, the hidden svchost.exe file stays at the end of the list. Also, it's like the only file that's hidden. And it doesn't have any info on it. Like the other svchost.exe file is smaller, has some info about Microsoft Corp. and it's not hidden. Also, when I try to open that weird svchost.exe file in EditPlus, it gives me an error and then it tells me the file name of the file is ??chost.exe. So yeah, I'm pretty sure that's the file you want me to delete. But I don't want to mess anything up so I took a screenshot of both files. Let me know which one I need to delete, okay?

-jaimejd007

Attached Thumbnails

  • shot2_20_2006_10.26.55_AM.jpg
  • shot2_20_2006_10.27.05_AM.jpg

Edited by jaimejd007, 23 February 2006 - 10:51 PM.

  • 0

#14
didom
Posted 20 February 2006 - 11:56 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts

Also, when I try to open that weird svchost.exe file in EditPlus, it gives me an error and then it tells me the file name of the file is ??chost.exe. So yeah, I'm pretty sure that's the file you want me to delete. But I don't want to mess anything up so I took a screenshot of both files.

You're right! You can delete that svchost.exe!
  • 0

#15
jaimejd007
Posted 20 February 2006 - 12:57 PM

jaimejd007

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Alright, I deleted the evil svchost.exe file. But hey, the link for the ATF Cleaner program is not working. Got an alternate link?

-jaimejd007

Edited by jaimejd007, 23 February 2006 - 10:51 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP