Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Strange, Uknown, Returning Hijack Spyware [RESOLVED]

Started by Midnight364 , Oct 27 2005 03:18 PM

  • This topic is locked This topic is locked

#16
Danny
Posted 02 November 2005 - 07:16 PM

Danny

    Visiting Staff

  • Member
  • PipPipPip
  • 684 posts
Hi,

Close any programs you have open since this step requires a reboot.

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter, then press any key to reboot your computer. After a reboot, your desktop and icons will appear, then disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, notepad will open with a log. Copy the contents of that log and paste it back into this thread, along with a new hijackthis log.

[color="red"]IMPORTANT: Do NOT run any other files in the l2mfix folder unless you are asked to do so!

Danny :tazz:
  • 0

Advertisements

#17
Midnight364
Posted 02 November 2005 - 07:32 PM

Midnight364

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
I did what you said, but L2mfix didn't bring up a log in Notepad after I rebooted.
I ran second.bat, since I've used that method with the L2mfix to fix a friend's computer when nothing happened after it rebooted, but it gave me an error this time...
  • 0

#18
Danny
Posted 03 November 2005 - 07:56 PM

Danny

    Visiting Staff

  • Member
  • PipPipPip
  • 684 posts
Can you post a new HijackThis log please?
  • 0

#19
Midnight364
Posted 03 November 2005 - 10:00 PM

Midnight364

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts
Logfile of HijackThis v1.99.1
Scan saved at 8:00:51 PM, on 11/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\Documents and Settings\Midnight\Desktop\Shortcuts\KeyCount\KeyCount.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ATWTUSB.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TBLMOUSE.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Norton AntiVirus\OPScan.exe
C:\Documents and Settings\Midnight\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O1 - Hosts: 68.3.107.49 l2authd.lineage2.com
O1 - Hosts: 205.238.40.1 winmx.com
O1 - Hosts: 205.238.40.1 www.winmx.com
O1 - Hosts: 205.238.40.1 err.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1305.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.1 c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3314.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3315.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3316.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3317.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3318.z1306.winmx.com
O1 - Hosts: 82.195.155.5 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1301.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1302.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3527.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3528.z1303.winmx.com
O1 - Hosts: 82.195.155.5 c3529.z1303.winmx.com
O1 - Hosts: 205.238.40.1 c3520.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3521.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3523.z1304.winmx.com
O1 - Hosts: 205.238.40.1 c3524.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3525.z1304.winmx.com
O1 - Hosts: 82.195.155.5 c3526.z1304.winmx.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Atwtusb] RUNDLL32 FuncKey.DLL,ExtFuncCall AA
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKLM\..\Run: [wtadd_KeyCount.exe] C:\Documents and Settings\Midnight\Desktop\Shortcuts\KeyCount\KeyCount.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Notmad Manager.lnk = C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
O4 - Startup: Registration Prince of Persia Warrior Within.LNK = C:\Program Files\UBISOFT\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ImageFox.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\Free Surfer\FS20.exe
O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\Free Surfer\FS20.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chess - http://download.game...nts/y/ct0_x.cab
O16 - DPF: Yahoo! Literati - http://download.game...nts/y/tt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potc_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...ry/msgrchkr.cab
O16 - DPF: {05717986-A8C7-11D7-A03D-00104BCD089B} (W3IP Control) - http://www.w3ip.com/W3ip.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.ist...ls/launcher.ocx
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...MineSweeper.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v43/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.del...t/TLIEFlash.CAB
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn...eUC/MsnUpld.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab27513.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BD5FBD60-8AA3-4060-92B9-A868B9FF2FCC} (Reversi Control) - http://mirror.worldw...rsi/reversi.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca04.righ...l/java/RntX.cab
O18 - Protocol: bw+0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {04ABCCDD-203A-40B2-9737-695F13122640} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: CWShredder Service - InterMute, Inc. - C:\Documents and Settings\Midnight\Desktop\cwshredder.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
  • 0

#20
Danny
Posted 09 November 2005 - 04:07 PM

Danny

    Visiting Staff

  • Member
  • PipPipPip
  • 684 posts
Hi,

We have a couple of last steps to perform and then you're all set.

First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
  • CHECK the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Next, let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Restart your computer.

3. Turn ON System Restore.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.

System Restore will now be active again.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard to catch and block spyware before it can execute.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
You should also have a good firewall. Here are 3 free ones available for personal use:and a good antivirus (these are also free for personal use):It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visitmonthly. And to keep your system clean run these free malware scannersweekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place?

Have a safe and happy computing day!

Danny :tazz:
  • 0

#21
Danny
Posted 09 November 2005 - 04:22 PM

Danny

    Visiting Staff

  • Member
  • PipPipPip
  • 684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP