Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Spyware/trojan_crypt.T [RESOLVED]

Started by rp07 , Oct 13 2006 06:30 PM

  • This topic is locked This topic is locked

#1
rp07
Posted 13 October 2006 - 06:30 PM

rp07

    Member

  • Member
  • PipPip
  • 19 posts
Hi

My email a/c was recently hacked and some messages were sent as offliners from my messenger.Although I have an updated Norton Internet security installed in my computer it did not detect any viruses.
After the hacking incident I ran a check using Spydoctor, which came up with 850 infections.From 850 I have been able to bring it down to 177.but cant remove all.
I stumbled on your website and I have gone through all the steps given.
Please find the logs pasted below:-
Active scan results-

Incident Status Location

Adware:adware/cws Not disinfected C:\Documents and Settings\Compaq_Owner\Favorites\Technology
Adware:adware/dyfuca Not disinfected Windows Registry
Adware:adware/ncase Not disinfected Windows Registry
Adware:adware/ist.sidefind Not disinfected Windows Registry
Adware:adware/ist.yoursitebar Not disinfected Windows Registry
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.overture.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.perf.overture.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.phg.hitbox.com/]
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.qksrv.net/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.revenue.net/]
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.rightmedia.net/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.searchportal.information.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.server.iad.liveperson.net/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.sexlist.com/]
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.spylog.com/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.stat.onestat.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.stats1.reliablestats.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S0012-00-12-29-163158-46045]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S005-01-5-9-246403-73932]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S009-00-11-15-163158-36565]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S109826]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S117962]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S117963]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S123580]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S140286]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S142201]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S144556]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S147336]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S147759]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S150711]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S152518]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S152600]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S153949]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S154950]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.statse.webtrendslive.com/S155198]
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.targetnet.com/]
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.tickle.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.valueclick.com/]
Spyware:Cookie/Versiontracker Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.versiontracker.com/]
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.winfixer.com/]
Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.www.advnt01.com/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.www.myaffiliateprogram.com/]
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.www.web-stat.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.z1.adserver.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt[.zedo.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Cookies\compaq_owner@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Cookies\compaq_owner@casalemedia[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Cookies\[email protected][2].txt
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\pskill.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\WINDOWS\Motive\btbb\pskill.exe
HIJACK THIS LOG
Logfile of HijackThis v1.99.1
Scan saved at 01:13:59, on 14/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\pchbutton.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Documents and Settings\Compaq_Owner\Desktop\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rediffmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.surething...amp;base=labels
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [7m4x] C:\WINDOWS\sbpdbjod.exe
O4 - HKLM\..\Run: [Gqswp] C:\Program Files\Zbzd\Eywhguf.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [pFrT3tQ] audngine.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BROADB~1\SMARTB~1\BTHelpNotifier.exe
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Yo03Rjcth] atmtmgr.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rediff Bol 7.0.lnk = C:\Program Files\Rediff Bol\RediffMessenger.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O15 - Trusted Zone: www.naukri.com
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h20278.www2....DataManager.CAB
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivil...ve/makeover.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160783544562
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgall..._1/axofupld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BADA82CB-BF48-4D76-9611-78E2C6F49F03} (BolDownloader Control) - http://in.rediff.com/newbol/Bol.CAB
O16 - DPF: {C8D77494-007F-4BD0-9B44-0C605B2C1A04} (RdHinIocCtrl Class) - http://immail.rediff...eX/rdhinioc.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec....rl/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

uninstall list

Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.8
Agere Systems PCI Soft Modem
ATI Control Panel
ATI Display Driver
BT Broadband Desktop Help
BT Voyager 105 ADSL Modem
CC_ccProxyExt
ccCommon
ccPxyCore
First Step Guide
GdiplusUpgrade
Google Earth
Google Toolbar for Internet Explorer
HanDBase® for Pocket PC Plus v3.0
HanDBase® for Pocket PC v3.0
HanDBase® for Pocket PC v3.0
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
ImageMixer VCD2
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
iPAQ WebReg
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
KBD
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash Player
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft ActiveSync 3.7
Microsoft Office 2000 Standard
Microsoft Outlook 2002
Microsoft Word 2002
Microsoft Works
MSRedist
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton Security Center
Norton WMI Update
Norton WMI Update
Ofoto Easy Upload ActiveX Control
OLYMPUS CAMEDIA Master 4.2
Panda ActiveScan
PC-Doctor for Windows
Picture Package
PS2
Python 2.2 combined Win32 extensions
Python 2.2.1
QuickTime
RCA PC Logbook 6
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SiS VGA Utilities
Sonic Express Labeler
Sonic RecordNow!
Sony USB Driver
SPBBC
Spybot - Search & Destroy 1.4
Spyware Doctor 4.0
Symantec Script Blocking Installer
SymNet
TypingMaster Pro
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Wanadoo Search Toolbar
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Yahoo! extras
Yahoo! Messenger with BT Communicator
Yahoo! Toolbar

Hope you will help me in rescuing my computer from these deadly viruses/trojans/spyware...etc.

Thanking you in anticipation
Recha

Edited by rp07, 14 October 2006 - 03:24 AM.

  • 0

Advertisements

#2
Mr_JAk3
Posted 15 October 2006 - 01:06 PM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Hi rp07 and welcome to GeeksToGo :blink:
You got infections there...

Please download F-Secure Blacklight and save it to your desktop

Doubleclick blbeta.exe, accept the agreement, click Scan, then click Next

You'll see a list what have been found. A log will appear to your desktop, it is named fsbl.xxxxxxx.log (xxxxxxx will be random numbers).

DON'T choose Rename if something was found!

Post the contents of fsbl.xxxx.log to here (blacklight log from your desktop) :whistling:
  • 0

#3
rp07
Posted 15 October 2006 - 04:40 PM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ya :help:

By this time I have run some more scans which have pretty much taken care of most things.F-secure didnt come up with anything.
Adware came up with some and got rid of them.

But Sypware Doctor still shows 177 infections??? :blink:
can you please shed some light on this.

Also...I have an updated version of Norton Anti Virus running, how come it wasnt able to detect anything?

This is the fsbl log I got......

10/15/06 23:27:57 [Info]: BlackLight Engine 1.0.47 initialized
10/15/06 23:27:57 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/15/06 23:27:57 [Note]: 7019 4
10/15/06 23:27:57 [Note]: 7005 0
10/15/06 23:27:59 [Note]: 7006 0
10/15/06 23:27:59 [Note]: 7011 1264
10/15/06 23:27:59 [Note]: 7026 0
10/15/06 23:27:59 [Note]: 7026 0
10/15/06 23:28:11 [Note]: FSRAW library version 1.7.1020
10/15/06 23:34:40 [Note]: 2000 1012
10/15/06 23:36:33 [Note]: 7007 0

Thanks for your help :whistling:
Its highly appreciated.
  • 0

#4
Mr_JAk3
Posted 15 October 2006 - 11:57 PM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Hi again, we'll continue :whistling:
You still need cleaning so that is why SpywareDoctor shows infections...

You should print these instructions or save these to a text file. Follow these instructions carefully.

Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
  • Install AVG Anti-Spyware by double clicking the installer.
  • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
  • On the main screen under Your Computer's security.
    • Click on Change state next to Resident shield. It should now change to inactive.
    • Click on Change state next to Automatic updates. It should now change to inactive.
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update succesfull message.
  • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.

Download ATF Cleaner by Atribune to your desktop.
Do NOT run yet.

Disable SpywareDoctor's realtime protection.
  • Open Spyware Doctor
  • Click the "OnGuard" button on the left side.
  • Uncheck "Activate OnGuard".
  • Exit the program.
Then, make your hidden files visible:
  • Go to My Computer
  • Select the Tools menu and click Folder Options
  • Click the View tab.
  • Checkmark the "Display the contents of system folders"
  • Under the Hidden files and folders select "Show hidden files and folders"
  • Uncheck "Hide protected operating system files"
  • Click Apply and then the OK and close My Computer.
==================

Run HijackThis, click Do a system scan only, and check the box next to each of these entries if still present. Close all other windows and press Fix checked. If something isn't there, please continue with the next entry in the list. (Fix the blue entry too if you haven't added it to the trusted zone)

R3 - Default URLSearchHook is missing
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll (file missing)
O4 - HKLM\..\Run: [7m4x] C:\WINDOWS\sbpdbjod.exe
O4 - HKLM\..\Run: [Gqswp] C:\Program Files\Zbzd\Eywhguf.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [pFrT3tQ] audngine.exe
O4 - HKCU\..\Run: [Yo03Rjcth] atmtmgr.exe
O15 - Trusted Zone: www.naukri.com
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab

Restart your computer to the safe mode:
  • Restart your computer
  • Start tapping the F8 key when the computer restarts.
  • When the start menu opens, choose Safe mode
  • Press Enter. The computer then begins to start in Safe mode.
Go to the My Computer and delete the following files (if present):
C:\WINDOWS\sbpdbjod.exe

Go to the My Computer and delete the following folders (if present):
C:\Program Files\Zbzd

Use the Windows search
  • Start
  • Search
  • All files and folders
  • More advanced options
Checkmark these options:
  • "Search system folders"
  • "Search hidden files and folders"
  • "Search subfolders"
  • Search for this and delete if found: audngine.exe
  • Search for this and delete if found: atmtmgr.exe
Run ATF Cleaner Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act?
      • Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      • All checkboxes should be ticked.
    • Under Possibly unwanted software:
      • All checkboxes should be ticked.
    • Under Reports:
      • Select Automatically generate report after every scan and uncheck Only if threats were found.
    • Under What to scan?
      • Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished, follow the instructions below.
    IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Posted Image
  • When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot in Normal Mode.

================

When you're ready, post the following logs to here:
- AVG's report
- a fresh HijackThis log
  • 0

#5
rp07
Posted 16 October 2006 - 03:22 AM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi

Just a quick question before I start, I downloaded AVG but it would let me run it as I already have an updated version of Norton Anti Virus.
AVG wouldnt run untill I uninstall Norton Anti Virus.
Is there a way around it?
Cheers
Recha
  • 0

#6
Mr_JAk3
Posted 16 October 2006 - 07:48 AM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Hi again rp07.

The program that I need you to install is AVG Anti-Spyware, NOT AVG Anti-Virus.

Are you sure that you downloaded and tried to install AVG Anti-Spyware ? It should not have any conflicts with Norton.

I think that you tried to install AVG Anti-Virus. This would explain why got the warning.

Please try again and make sure that you download and install the Anti-Spyware from the following link ->
AVG Anti-Spyware

Then continue following my instructions :whistling:
  • 0

#7
rp07
Posted 16 October 2006 - 02:23 PM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi

I have done as told, I was doing pretty well..........untill the last step. :blink: Guess I have messed up a bit.

Towards the end in the AVG spyware,instead of quarantine I clicked on delete. :help:

I am hoping the damage is irreversible and I havent messed up big time :)

Please find the logs pasted below:-
AVG

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 21:05:22 16/10/2006

+ Scan result:



:mozilla.324:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.993:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.994:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.59:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.151:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.172:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.750:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.220:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.221:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.222:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.223:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.224:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.225:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.226:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.46:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.47:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.54:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.78:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.80:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.81:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.82:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.83:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.463:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.464:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.250:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.251:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.252:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.253:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.254:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.115:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.116:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.117:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.118:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.119:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.120:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.121:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.122:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.123:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.177:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.178:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.179:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.180:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.183:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.184:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.185:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.186:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.187:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.188:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.11:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.12:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.13:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.14:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.15:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.16:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.413:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.414:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.415:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.218:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.227:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.228:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.229:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.230:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.231:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.232:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.233:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.234:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.235:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.236:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.237:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.238:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.239:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.240:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.241:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.242:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.243:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.244:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.245:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.246:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.310:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.360:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.361:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.362:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.363:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.364:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.365:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.384:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.429:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.430:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.431:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.432:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.433:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.173:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.174:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.175:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.176:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.466:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.467:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.468:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.469:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.470:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.471:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.472:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.473:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.474:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.956:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.957:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.958:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.959:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.960:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.961:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.962:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.963:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.258:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.259:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.260:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.261:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.262:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.263:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.264:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.265:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.266:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.267:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.268:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.269:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.270:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.271:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.272:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.273:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.274:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.275:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.276:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.996:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\694n8ltt.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{37140189-68D5-4F78-8B0D-62A7FA0524E0}\RP500\A0048462.dll -> Trojan.Crypt.t : Cleaned.
C:\System Volume Information\_restore{37140189-68D5-4F78-8B0D-62A7FA0524E0}\RP500\A0048464.dll -> Trojan.Crypt.t : Cleaned.
C:\System Volume Information\_restore{37140189-68D5-4F78-8B0D-62A7FA0524E0}\RP500\A0048465.exe -> Trojan.Crypt.t : Cleaned.
C:\System Volume Information\_restore{37140189-68D5-4F78-8B0D-62A7FA0524E0}\RP500\A0048466.dll -> Trojan.Crypt.t : Cleaned.


::Report end

Fresh HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 21:12:44, on 16/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\pchbutton.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\BT Broadband Desktop Help\bin\BTHelp.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\Motive\Common\MOTIVE~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Compaq_Owner\Desktop\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rediffmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.iol.ie
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.surething...amp;base=labels
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BROADB~1\SMARTB~1\BTHelpNotifier.exe
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\HPQ\XPXWWPP5\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Rediff Bol 7.0.lnk = C:\Program Files\Rediff Bol\RediffMessenger.exe
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h20278.www2....DataManager.CAB
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivil...ve/makeover.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1160783544562
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BADA82CB-BF48-4D76-9611-78E2C6F49F03} (BolDownloader Control) - http://in.rediff.com/newbol/Bol.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C8D77494-007F-4BD0-9B44-0C605B2C1A04} (RdHinIocCtrl Class) - http://immail.rediff...eX/rdhinioc.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec....rl/SymAData.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

:whistling: Hope you will come back with some good news!

Cheers
Recha
  • 0

#8
Mr_JAk3
Posted 17 October 2006 - 12:10 AM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Hi again, it is looking clean now :blink:
You didn't mess up, the computer is running fine ?

Now you can enable SpywareDoctor protection again.
  • Open Spyware Doctor
  • Click the "OnGuard" button on the left side.
  • Check "Activate OnGuard".
  • Exit the program.
Then you should update your Java to the latest version (5.0 update 9)
  • Start
  • Control Panel
  • Add/Remove Programs
  • Delete the old Java, Java 2 Runtime Environment, SE v1.4.2_03
  • Then we'll get the latest version of Java -> LINK
  • Scroll down to Java Runtime Environment (JRE) 5.0 Update 9
  • Download & install it
Now you can make your hidden files hidden again.
  • Go to My Computer
  • Select the Tools menu and click Folder Options
  • Click the View tab.
  • Checkmark the "Display the contents of system folders"
  • Under the Hidden files and folders select "Show hidden files and folders"
  • Check "Hide protected operating system files"
  • Click Apply and then the OK and close My Computer.
=============

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Clear your system restore
    This will clear the system restore folders from possible malware that was left behind during the cleaning process.
  • Use ATF Cleaner
    Download and install ATF Cleaner. Clean your temporary files & folders with it regularly.
  • Use Ad-Aware
    Download and install Ad-Aware. Update it and scan your computer regularly with it.
  • Use AVG Anti-Spyware
    Update it and scan your computer regularly with it.
  • Use Spybot S&D
    Download and install Spybot S&D. Update it and scan your computer regularly with it.
  • Install SpywareBlaster
    SpywareBlaster will prevent spyware from being installed.
  • Install MVPS Hosts file
    This prevents your computer from connecting to harmful sites.
  • Use Firefox browser
    Firefox is faster, safer and better browser than Internet Explorer.
  • Keep your systen up-to-date
    Visit Windows Update regularly.
  • Keep your antivirus and firewall up-to-date
    Scan your computer regularly with your antivirus.
  • Read this article by TonyKlein
    So how did I get infected in the first place?
  • Stand Up and Be Counted !
    The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
Stay clean and be safe :whistling:
  • 0

#9
rp07
Posted 17 October 2006 - 01:45 AM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
:whistling: Brilliant!!!!!!!!

Although my comp is running unbearably slow and spyware still shows infections :help:

Please Help :blink:

Cheers
Recha
  • 0

#10
Mr_JAk3
Posted 17 October 2006 - 03:53 AM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts

spyware still shows infections :whistling:

Hi again, I assume that you refer to SpywareDoctor ?

Could you please post the SpywareDoctor log to here ?
  • 0

Advertisements

#11
rp07
Posted 17 October 2006 - 03:12 PM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hiya :help:

Please find the Spyware Doctor log pasted.......53 infections still :blink:
Spyware Doctor Activity Report
Generated on 17/10/2006 19:51:24 Spyware Doctor Homepage PC Tools Homepage Technical Support


Scans (basic information only):

Scan Results:
scan start: 17/10/2006 19:52:24
scan stop: 17/10/2006 20:00:15
scanned items: 87904
found items: 53
found and ignored: 0
tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner



Infection Name Location Risk
Tracking Cookie(s) C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@123count[2].txt Low
Tracking Cookie(s) C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atdmt[2].txt Low
Known Bad Sites cookies.txt - Line #16 High
Tracking Cookie(s) cookies.txt - Line #168 Low
Tracking Cookie(s) cookies.txt - Line #169 Low
Tracking Cookie(s) cookies.txt - Line #254 Low
Tracking Cookie(s) cookies.txt - Line #255 Low
Tracking Cookie(s) cookies.txt - Line #256 Low
Tracking Cookie(s) cookies.txt - Line #291 Low
Tracking Cookie(s) cookies.txt - Line #292 Low
Tracking Cookie(s) cookies.txt - Line #293 Low
Tracking Cookie(s) cookies.txt - Line #294 Low
Tracking Cookie(s) cookies.txt - Line #295 Low
Tracking Cookie(s) cookies.txt - Line #318 Low
Tracking Cookie(s) cookies.txt - Line #319 Low
Tracking Cookie(s) cookies.txt - Line #320 Low
Tracking Cookie(s) cookies.txt - Line #321 Low
Tracking Cookie(s) cookies.txt - Line #322 Low
Tracking Cookie(s) cookies.txt - Line #327 Low
Tracking Cookie(s) cookies.txt - Line #377 Low
Tracking Cookie(s) cookies.txt - Line #378 Low
Tracking Cookie(s) cookies.txt - Line #440 Low
Tracking Cookie(s) cookies.txt - Line #441 Low
WinFixer cookies.txt - Line #485 Elevated
WinFixer cookies.txt - Line #486 Elevated
Tracking Cookie(s) cookies.txt - Line #505 Low
Tracking Cookie(s) cookies.txt - Line #506 Low
Known Bad Sites cookies.txt - Line #52 High
7AdPower cookies.txt - Line #522 High
Tracking Cookie(s) cookies.txt - Line #611 Low
Tracking Cookie(s) cookies.txt - Line #612 Low
Tracking Cookie(s) cookies.txt - Line #71 Low
Tracking Cookie(s) cookies.txt - Line #72 Low
Affiliated with Browser Hijackers cookies.txt - Line #747 Elevated
Tracking Cookie(s) cookies.txt - Line #848 Low
Tracking Cookie(s) cookies.txt - Line #849 Low
Tracking Cookie(s) cookies.txt - Line #86 Low
Tracking Cookie(s) cookies.txt - Line #87 Low
Tracking Cookie(s) cookies.txt - Line #88 Low
Tracking Cookie(s) cookies.txt - Line #89 Low
Tracking Cookie(s) cookies.txt - Line #930 Low
Tracking Cookie(s) cookies.txt - Line #940 Low
Tracking Cookie(s) cookies.txt - Line #941 Low
Tracking Cookie(s) cookies.txt - Line #942 Low
Tracking Cookie(s) cookies.txt - Line #971 Low
Tracking Cookie(s) cookies.txt - Line #979 Low
Tracking Cookie(s) cookies.txt - Line #994 Low
AproposMedia HKCR\CurVer Medium
AproposMedia HKCR\CurVer## Medium
InternetOptimizer HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer High
InternetOptimizer HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer## High
InternetOptimizer HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer##Changed High
InternetOptimizer HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer##SlowInfoCache High


Other Sections:



:whistling:
Recha
  • 0

#12
Mr_JAk3
Posted 18 October 2006 - 02:15 AM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Hi again, good news :blink:

Those "infections" are just a few leftover registry entries and cookies.

We'll clean the leftovers:

Open Notepad (NOT WORDPAD!) and copy the following lines from the quote box below into a new document, leaving a blank line at the end. (don't forget to copy and paste the word REGEDIT4) :

REGEDIT4

[-HKEY_CURRENT_USER\CurVer]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer]


Make sure there are NO blank lines before REGEDIT4
Make sure there IS one blank line at the end of the file.

Save the document to your desktop as Fix.reg and filetype: All Files
Go to your desktop and double click on the file to run Fix.reg and when it asks you if you want to merge the contents to the registry, click yes/ok.

Then you can clean the cookies by cleaning the FireFox cache and cookie folder.

You can do it easily with ATF Cleaner :

Run ATF Cleaner Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Otherwise it is looking good :whistling:
  • 0

#13
rp07
Posted 19 October 2006 - 12:15 PM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi :help:


Did as directed..!

this is the latest log....thus spyware doctor loves me to bits i guess! :blink:

Latest Log

Infection Name Location Risk
Tracking Cookie(s) C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atdmt[1].txt Low
Advertising C:\Documents and Settings\Compaq_Owner\Cookies\[email protected][1].txt Low
Tracking Cookie(s) C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@zedo[1].txt Low
Known Bad Sites cookies.txt - Line #16 Low
Tracking Cookie(s) cookies.txt - Line #168 Low
Tracking Cookie(s) cookies.txt - Line #169 Low
Tracking Cookie(s) cookies.txt - Line #254 Low
Tracking Cookie(s) cookies.txt - Line #255 Low
Tracking Cookie(s) cookies.txt - Line #256 Low
Tracking Cookie(s) cookies.txt - Line #291 Low
Tracking Cookie(s) cookies.txt - Line #292 Low
Tracking Cookie(s) cookies.txt - Line #293 Low
Tracking Cookie(s) cookies.txt - Line #294 Low
Tracking Cookie(s) cookies.txt - Line #295 Low
Tracking Cookie(s) cookies.txt - Line #318 Low
Tracking Cookie(s) cookies.txt - Line #319 Low
Tracking Cookie(s) cookies.txt - Line #320 Low
Tracking Cookie(s) cookies.txt - Line #321 Low
Tracking Cookie(s) cookies.txt - Line #322 Low
Tracking Cookie(s) cookies.txt - Line #327 Low
Tracking Cookie(s) cookies.txt - Line #377 Low
Tracking Cookie(s) cookies.txt - Line #378 Low
Tracking Cookie(s) cookies.txt - Line #440 Low
Tracking Cookie(s) cookies.txt - Line #441 Low
WinFixer cookies.txt - Line #485 Low
WinFixer cookies.txt - Line #486 Low
Tracking Cookie(s) cookies.txt - Line #505 Low
Tracking Cookie(s) cookies.txt - Line #506 Low
Known Bad Sites cookies.txt - Line #52 Low
7AdPower cookies.txt - Line #522 Low
Tracking Cookie(s) cookies.txt - Line #611 Low
Tracking Cookie(s) cookies.txt - Line #612 Low
Tracking Cookie(s) cookies.txt - Line #71 Low
Tracking Cookie(s) cookies.txt - Line #72 Low
Affiliated with Browser Hijackers cookies.txt - Line #747 Low
Tracking Cookie(s) cookies.txt - Line #848 Low
Tracking Cookie(s) cookies.txt - Line #849 Low
Tracking Cookie(s) cookies.txt - Line #86 Low
Tracking Cookie(s) cookies.txt - Line #87 Low
Tracking Cookie(s) cookies.txt - Line #88 Low
Tracking Cookie(s) cookies.txt - Line #89 Low
Tracking Cookie(s) cookies.txt - Line #930 Low
Tracking Cookie(s) cookies.txt - Line #940 Low
Tracking Cookie(s) cookies.txt - Line #941 Low
Tracking Cookie(s) cookies.txt - Line #942 Low
Tracking Cookie(s) cookies.txt - Line #971 Low
Tracking Cookie(s) cookies.txt - Line #979 Low
Tracking Cookie(s) cookies.txt - Line #994 Low
AproposMedia HKCR\CurVer Medium
AproposMedia HKCR\CurVer## Medium

Do you think they are potential threats :whistling:

Please advise

Cheers :)
Recha
  • 0

#14
Mr_JAk3
Posted 20 October 2006 - 04:55 AM

Mr_JAk3

    Visiting Staff

  • Member
  • PipPip
  • 95 posts
Ok, I don't that they're real threats....Cookies are easy to deal with :whistling:

You can clean thoe cookies by using AFT Cleaner or by cleaning the cache and the cookies from your browser.
Then you can prevent those cookies from installing by using MVPs Hosts file and SpywareBlaster. (Instructions and links in my earlier message)

Do you have any other problems ?
  • 0

#15
rp07
Posted 20 October 2006 - 04:56 PM

rp07

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi :help:

Nah, thts pretty much it! Thanks a ton, you have been a great Help :whistling:


Although you could leave me with a tip to a faster computer navigation.At the moment its a bit slow.


Apart from that.............Thanks for all your help!


Much Appreciated :blink:



Cheers
RP
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP