Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

win anti virus pro pop ups!

Started by Robbos , Oct 17 2006 12:57 AM

  • Please log in to reply

#16
Robbos
Posted 19 October 2006 - 09:37 PM

Robbos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
2nd attempt computer crashed again. Scan stopped @ C:\xPos: txt time changed to 19:30:54 hr remaining.

Cursor weirded out kept dropping volume icons over screen. Computer painfully slow HD light on constantly.

:whistling:
  • 0

Advertisements

#17
Wizard
Posted 20 October 2006 - 01:17 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Open HijackThis and access the Misc Tools section by one of the 2 methods below.

Open HijackThis and click on "Open the Misc Tools Section"

Open HijackThis and click on "Config" and then click on "Misc Tools"

Once in the Misc Tools Section--> Click on the "Open ADS Spy" tab

UNcheck the 2 boxes to the top left:

Quick Scan (Windows base folders only)

Ignore safe system info streams

Clicks Scan and once completed,click Save Log.

Post that log in the next reply.


Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • CloseCureIt and Reboot the Machine

Post the ADS Spy scan log and the CureIt log in the next reply please.

Edited by Cretemonster, 20 October 2006 - 01:19 AM.

  • 0

#18
Robbos
Posted 20 October 2006 - 04:56 AM

Robbos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi there, as you requested.



C:\Documents and Settings\Administrator\Desktop\webUpgrade_Windows_USB_R3.0.1.5\SpeedTouchUSB-3.0.1.0.12.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Administrator\Desktop\webUpgrade_Windows_USB_R3.0.1.5.zip : Zone.Identifier (26 bytes)
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\SentItems\S-1-5-21-212580986-813958858-990148481-1003$201c52066923755.tif : Xj1phwzh5qcwungrN45kt3kiCe (756 bytes)
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\SentItems\S-1-5-21-212580986-813958858-990148481-1003$201c52066923755.tif : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\SentItems\S-1-5-21-212580986-813958858-990148481-1003$201c544a7e77d41.tif : Xj1phwzh5qcwungrN45kt3kiCe (692 bytes)
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\SentItems\S-1-5-21-212580986-813958858-990148481-1003$201c544a7e77d41.tif : {4c8cc155-6c1e-11d1-8e41-00c04fb9386d} (0 bytes)
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\Desktop\aproposfix.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\Desktop\combofix.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\Desktop\HijackThis\HijackThis.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\Desktop\HijackThis.zip : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\Desktop\VundoFix.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\232_2x05x200350749PM.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\308_16x06x200514913PM.EXE : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\ESale.pdf : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'04_12_06_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'04_12_20_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'05_03_20_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'05_03_24_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'05_03_26_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'05_07_07_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Image Transfer\'05_07_10_01\DCIM\101MSDCF\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Mel & Chris\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Mel & Chris\web_fuze_2005_02_18_IMG_8126.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Music\From Internet\JohnLawsArabs - Aug 15, 2006 12.38.14.mp3 : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Music\From Internet\JohnLawsArabs - Aug 15, 2006 17.21.02.mp3 : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Music\From Internet\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\100_2813.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\100_2819.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Cleveland\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\applyingsoap2.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\components.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\coolingspray.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\disc.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\highspot.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\runnindisc.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\shrunk.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\soapondisc.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Disc\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\House Pics\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Bec, Rachel,Mel, Chris, Erin _ me.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Chris _ me 2.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Chris, Me _ Biggie.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Chris, me _ rachel.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Chris.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Erin, Adrian, me _ Chris.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Me - wildboys.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Me _ Erin 2.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Me _ Mario.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Me _ Stacey 2.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Me, Chris _ Stacey.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\mels pic1 003.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\mels pic1 004.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\mels pic1 008.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Race Day - Chris Bday 3.12.05 003.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\The gals!!!.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Mels pics\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\OIL\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_0078_00.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_0080_00.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_0081_00.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_0082_00.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1846.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1847.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1848.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1849.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1850.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1851.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1852.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1853.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1854.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1855.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1856.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1857.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1858.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1860.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1861.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_1862.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_2531.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_2816.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_2818.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\100_2820.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\2003_1113Image0001.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\2003_1113Image0002.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\2005_0226Image0004.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\270_16x06x200420316PM\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\276_16x06x200421331PM.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\304_15x06x2005102310AM.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\car pics 005.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\car pics 006.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\car pics 007.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\car pics 008.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\coupe 1.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC01162.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC01173.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC01178.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC02681.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC02682.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSC02689.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0447.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0448.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0449.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0450.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0452.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF0980.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF1112.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF1114.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF1116.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCF1118.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\DSCN0810.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Ebay Pics 008.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Ebay Pics 053.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Engine bay Oct 2005.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\GTHO front spoiler 001.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\GTHO front spoiler 002.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\GTHO front spoiler 003.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\GTHO sway bar 001.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\GTHO sway bar 002.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Heater 1.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Heater.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Heater.jpg 3.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Heater.jpg 4.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\HO undercarriage.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\HO undercarriage3.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\HO undercarriage4.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\HO undercarriage5.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\IMGP0402.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\left b.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-001f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-005f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-006f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-009f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-014f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-016f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Mvc-017f.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 055.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 056.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 059.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 062.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 063.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 065.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 069.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 070.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 071.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 072.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 073.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 074.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 078.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 079.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 080.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 081.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\myxwgt 082.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 030.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 031.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 032.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 037.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 039.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\newphoto 040.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\nice.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000542.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000609.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000613.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000698.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000792.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000822.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1000823.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010076.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010077.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010078.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010081.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010082.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010083.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010272.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010273.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010274.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010275.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010276.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010383.JPGResize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010384.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010386.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010387.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010393.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010394.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010395.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010399.JPGresize.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010481.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010482.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\P1010484.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Ph3 Wing1.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Rear-Axle-End-Flange-chart-.gif : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Rear-axle-flange-chart-2.gif : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\rear.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\RHR Oct 2005.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Robbos GT 128 (1).jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Robbos GT 128 (3).jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Robbos GT 128 (4).jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Robbos GT 128.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\SAGT 24.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\SAGT 25.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\SAGT 26.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\trunk.JPG : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\XW GT Falcon.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\XYGT LOCKDOWN 001.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Other cars\XYGT LOCKDOWN 003.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\SAM BDAY\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Pictures\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\My Received Files\182.jpg : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\My Videos\Thumbs.db : encryptable (0 bytes)
C:\Documents and Settings\Owner\My Documents\Temp1.doc : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\Temp2.doc : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\Temp3.doc : Zone.Identifier (26 bytes)
C:\Documents and Settings\Owner\My Documents\tint Auto Instructions 1.doc : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP834\A0055032.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP834\A0055047.psf : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP834\A0055070.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP835\A0056080.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP835\A0056081.inf : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP847\A0058605.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP857\A0061788.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP858\A0061850.exe : Zone.Identifier (26 bytes)
C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP858\A0061859.exe : Zone.Identifier (26 bytes)
  • 0

#19
Robbos
Posted 20 October 2006 - 05:01 AM

Robbos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
And Cure it

A0056084.exe;C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP835;Tool.Prockill;;
  • 0

#20
Wizard
Posted 20 October 2006 - 02:31 PM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Was there anything below these entries in the ADS Spy Scan?

C:\System Volume Information\_restore{3DC486C2-B453-4FD7-AAF7-B8827D1BED82}\RP858\A0061859.exe : Zone.Identifier (26 bytes)



Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#21
Robbos
Posted 20 October 2006 - 09:24 PM

Robbos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Hi there mate,

No that was the entire ADS Spy scan.


When you say this Kaspersky scanner takes time I have had it running now for over 2.5 hrs and has only scanned 2%.

Computer is still slow e.g 7 min to open up this page.

Sorry for posting without post but it appears to be stalled?
  • 0

#22
Wizard
Posted 21 October 2006 - 02:26 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Im not exactly sure whats going on and why these scans are failing.

Scan fresh with ComboFix and post that log please.
  • 0

#23
Robbos
Posted 21 October 2006 - 04:09 AM

Robbos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
OK that I can do. Kaspersky failed even after three more attempts.

Owner - 06-10-21 20:01:09.29 Service Pack 2
ComboFix 06.10.16 - Running from: "C:\Documents and Settings\Owner\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-21 to 2006-10-21 ))))))))))))))))))))))))))))))))))


2006-09-24 23:03 51,072 --a------ C:\WINDOWS\SYSTEM32\drivers\ikhlayer.sys
2006-09-24 23:03 30,592 --a------ C:\WINDOWS\SYSTEM32\drivers\ikhfile.sys
2006-09-24 21:25 970,752 --a------ C:\WINDOWS\SYSTEM32\VchReg.dll
2006-09-23 18:39 28,672 --a------ C:\WINDOWS\SYSTEM32\drivers\CO_Mon.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-21 18:43 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-21 18:34 -------- d-------- C:\Program Files\eBay
2006-10-21 04:39 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-20 03:18 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-10-17 19:17 -------- d---s---- C:\Documents and Settings\Owner\Application Data\Microsoft
2006-10-17 18:44 -------- d-------- C:\Program Files\LimeWire
2006-10-17 18:41 -------- d-------- C:\Program Files\Java
2006-10-17 18:32 -------- d-------- C:\Program Files\Common Files\Java
2006-10-17 18:32 -------- d-------- C:\Program Files\Common Files
2006-10-17 14:45 -------- d-------- C:\Program Files\Spyware Doctor
2006-10-16 19:24 -------- d-------- C:\Program Files\Norton SystemWorks
2006-10-04 14:06 -------- d-------- C:\Program Files\Enigma Software Group
2006-09-28 17:07 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-09-26 14:52 -------- d-------- C:\Documents and Settings\Owner\Application Data\Real
2006-09-26 14:40 -------- d-------- C:\Program Files\Common Files\xing shared
2006-09-26 14:40 -------- d-------- C:\Program Files\Common Files\Real
2006-09-26 14:37 -------- d-------- C:\Program Files\Real
2006-09-25 09:25 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-09-24 23:02 -------- d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2006-09-23 23:01 -------- d-------- C:\Program Files\Symantec
2006-09-23 20:09 -------- d-------- C:\Program Files\Norton Internet Security
2006-09-15 22:04 48816 --a------ C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
2006-09-15 22:04 109744 --a------ C:\WINDOWS\SYSTEM32\drivers\SYMEVENT.SYS
2006-09-13 15:01 1084416 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll
2006-09-12 10:19 -------- d-------- C:\Program Files\QuickTime
2006-09-11 16:30 275112 --a------ C:\WINDOWS\SYSTEM32\drivers\srtspl.sys
2006-09-11 16:30 243368 --a------ C:\WINDOWS\SYSTEM32\drivers\srtsp.sys
2006-09-11 16:30 24232 --a------ C:\WINDOWS\SYSTEM32\drivers\srtspx.sys
2006-09-11 12:51 -------- d-------- C:\Program Files\Destroyer Command
2006-09-04 18:29 -------- d-------- C:\Documents and Settings\Owner\Application Data\Apple Computer
2006-09-04 18:20 -------- d-------- C:\Program Files\iPod
2006-09-03 05:35 613056 --a------ C:\WINDOWS\SYSTEM32\SymNeti.dll
2006-09-03 05:35 36032 --a------ C:\WINDOWS\SYSTEM32\drivers\symndisv.sys
2006-09-03 05:35 239808 --a------ C:\WINDOWS\SYSTEM32\SymRedir.dll
2006-09-03 05:35 186048 --a------ C:\WINDOWS\SYSTEM32\drivers\symtdi.sys
2006-09-03 05:34 39104 --a------ C:\WINDOWS\SYSTEM32\drivers\symids.sys
2006-09-03 05:34 33216 --a------ C:\WINDOWS\SYSTEM32\drivers\symndis.sys
2006-09-03 05:34 26432 --a------ C:\WINDOWS\SYSTEM32\drivers\symredrv.sys
2006-09-03 05:34 144832 --a------ C:\WINDOWS\SYSTEM32\drivers\symfw.sys
2006-09-03 05:34 11968 --a------ C:\WINDOWS\SYSTEM32\drivers\symdns.sys
2006-08-26 01:45 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2006-08-22 17:08 -------- d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2006-08-21 22:21 16896 --a------ C:\WINDOWS\SYSTEM32\fltlib.dll
2006-08-21 19:14 23040 --a------ C:\WINDOWS\SYSTEM32\fltmc.exe
2006-08-21 19:14 128896 --------- C:\WINDOWS\SYSTEM32\drivers\fltmgr.sys
2006-08-16 21:58 100352 --a------ C:\WINDOWS\SYSTEM32\6to4svc.dll
2006-07-27 23:24 679424 --a------ C:\WINDOWS\SYSTEM32\inetcomm.dll
2006-07-21 18:24 72704 --a------ C:\WINDOWS\SYSTEM32\hlink.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"WorksFUD"="C:\\Program Files\\Microsoft Works\\wkfud.exe"
"Microsoft Works Portfolio"="C:\\Program Files\\Microsoft Works\\WksSb.exe /AllUsers"
"Microsoft Works Update Detection"="C:\\Program Files\\Microsoft Works\\WkDetect.exe"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Alcatel\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoDrives"=dword:00000000
"NoViewOnDrive"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Owner.job
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
C:\WINDOWS\tasks\Symantec Drmc.job

Completion time: 06-10-21 20:05:07.93
C:\ComboFix.txt ... 06-10-21 20:05
C:\ComboFix2.txt ... 06-10-18 19:33
C:\ComboFix3.txt ... 06-10-17 20:53
  • 0

#24
Wizard
Posted 22 October 2006 - 05:16 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Im gonna contend for a few possibilities that may be preventing these scans from running.

What exactly happened with the F-Secure and Kaspersky scans?


Right-Click Here and Click "Save As" to download DelDomains.inf to your desktop.

Right Click DelDomains.inf on your desktop and select "Install"

It will perform a silent process>Give it a minute to run


Download The Hoster from here:
http://www.funkytoad...load/hoster.zip

Right Click the Zip Folder and Select "Extract All"

Open Hoster and Make sure that the "Make Hosts Writable?" button in the upper right corner is Enabled

Click "Back up Host files"

Press "Restore Original Hosts" and press "OK"

Exit the Program.


Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.


Restart the Machine and Click Start--> Click Run--> Type in cmd and click OK.

At the command prompt window--> Type in cd\ and hit enter.


Type in or copy&paste each of the commands below,one at a time into the command prompt and hit Enter.

ipconfig /release

ipconfig /flushdns

ipconfig /renew


Check each option in this link to ensure all the IE settings are as they should be.
http://www.microsoft...rity/setup.mspx


Try this,Open IE and Click Tools-> Internet Options-> Programs and then click "Reset Web Settings"

Now go back and Click the Advanced Tab and then Click "Restore Defaults"


Lets also check some of the IE Settings

1. From within Internet Explorer click the Tools menu and then click on Internet Options.
2. Click once on the Security tab
3. Click once on the Internet icon so it becomes highlighted.
4. Click once on the Custom Level button.A.) Change the Download signed ActiveX controls to Prompt
B.) Change the Download unsigned ActiveX controls to Disable
C.) Change the Initialize and script ActiveX controls not marked as safe to Disable
D.) Change the File Download to Prompt
E.) Change the Installation of desktop items to Prompt
F.) Change the Launching programs and files in an IFRAME to Prompt
G.) Change the Navigate sub-frames across different domains to Prompt
5. Click 'OK' and save the settings if prompted.
6. Click Apply and then 'OK' to exit the Internet Properties page.



Try once more the Kaspersky scanner.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP