Options

Problems with Mozilla Firefox? HJT log attached

Unknown
edited July 2005 in Spyware & Virus Removal
Today I was using firefox when it just closed for no reason. When I tried to open it again nothing happened. I tried re-installing it but this didn't help either. I don't know what could be causing it. Here is my HJT log. Thanks ahead of time for any help.
PhillyMac

Logfile of HijackThis v1.99.1
Scan saved at 9:40:23 PM, on 7/14/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dtdr.exe
C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bellsouth.net/
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\aoapna.exe reg_run
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! MLB StatTracker - http://aud13.sports.sc5.yahoo.com/java/y/mlbst8402_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8DD6302-D559-4127-984B-6D5428E133A0}: NameServer = 205.152.37.254 205.152.132.235
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe

Comments

  • SpywareShooterSpywareShooter 127.0.0.1
    edited July 2005
    O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\aoapna.exe reg_run

    Fix that entry then find and delete the following file:
    C:\WINDOWS\System32\aoapna.exe

    Then reboot your computer and post a new log.
  • PhillyMac
    edited July 2005
    I have been trying to find and delete that file or variations of it for months now. I can never find it to delete it. I have tried everything everyone has ever said to find it. It keeps changing form from time to time. I haven't posted a new log because until I find that file it looks the same as the previous log. What can I do?
    Thanks,
    PhillyMac
  • SpywareShooterSpywareShooter 127.0.0.1
    edited July 2005
    Run a free Panda antivirus scan. There may be some files that it cannot remove. Post the log of those files here.

    http://www.pandasoftware.com/activescan/
  • PhillyMac
    edited July 2005
    Here is the log from the panda activescan.



    Incident Status Location
    Virus:Trj/Qoologic.G Disinfected Operating system
    Possible Virus. No disinfected C:\WINDOWS\System32\flfksjk.dll
    Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\angelex.exe
    Adware:adware/exactsearch No disinfected C:\WINDOWS\SYSTEM32\exdl1.exe
    Adware:adware/alwaysupdatednewsNo disinfected C:\WINDOWS\SYSTEM32\Free Cell Phone.ico
    Adware:adware/wupd No disinfected C:\WINDOWS\SYSTEM32\ide21201.vxd
    Adware:adware/portalscan No disinfected C:\WINDOWS\SYSTEM32\winupdt.008
    Adware:adware/apropos No disinfected C:\WINDOWS\SYSTEM32\CACHE\cxtpls_loader.exe
    Adware:adware/searchtheweb No disinfected C:\WINDOWS\SYSTEM32\CACHE\mswinstall.exe
    Adware:adware/mediatickets No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\MediaTicketsInstaller.ocx
    Adware:adware/sahagent No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\sporder_.dll
    Adware:adware/ncase No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\180sainstaller.exe
    Adware:adware/transponder No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\dummy.htm
    Adware:adware/elitebar No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\suicidetb.exe
    Adware:adware/midaddle No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\uppicsvr.exe
    Adware:adware/wintools No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\WToolsB.dll
    Adware:adware/ipinsight No disinfected C:\WINDOWS\INF\farmmext.inf
    Spyware:spyware/betterinet No disinfected C:\WINDOWS\ceres.dll
    Adware:adware/bookedspace No disinfected C:\WINDOWS\cfgmgr51.dll
    Adware:adware/savenow No disinfected C:\PROGRAM FILES\VVSN
    Adware:adware/delfinmedia No disinfected C:\WINDOWS\SYSTEM32\nsvsvc
    Adware:adware/twain-tech No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\THI1073.tmp
    Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
    Spyware:spyware/localnrd No disinfected HKEY_CURRENT_USER\SOFTWARE\LOCALNRD
    Adware:adware/powerscan No disinfected HKEY_CURRENT_USER\SOFTWARE\POWERSCAN
    Adware:adware/e2give No disinfected HKEY_CURRENT_USER\SOFTWARE\PTECH
    Spyware:spyware/dyfuca No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\AVENUE MEDIA
    Adware:adware/purityscan No disinfected HKEY_CLASSES_ROOT\TYPELIB\{46605C8C-D306-4E2D-B367-9B53690CB867}
    Adware:adware/searchaid No disinfected HKEY_CLASSES_ROOT\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5}
    Adware:adware/mssearch No disinfected HKEY_CLASSES_ROOT\CLSID\{D34F08C5-4F18-477C-86CB-1A9BEECFE37B}
    Adware:adware/sidefind No disinfected HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\CMDMAPPING\{10E42047-DEB9-4535-A118-B3F6EC39B807}
    Adware:adware/cws No disinfected HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\extensions\CmdMapping\{10e42047-deb9-4535-a118-b3f6ec39b807}
    Adware:adware/brilliantdigitalNo disinfected HKEY_CLASSES_ROOT\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-793fe9c2-1dfa4f88.RB0[GetAccess.class]
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-793fe9c2-1dfa4f88.RB0[InsecureClassLoader.class]
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-793fe9c2-1dfa4f88.RB0[Dummy.class]
    Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-793fe9c2-1dfa4f88.RB0[Installer.class]
    Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Owner\Application Data\wtta.exe
    Adware:Adware/SearchAid No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20041124-175618-575.dll
    Adware:Adware/WUpd No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050113-104833-923.dll
    Spyware:Spyware/IESearchToolbarNo disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-200.dll
    Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-228.dll
    Adware:Adware/MyWay No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-237.dll
    Adware:Adware/eZula No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-327.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-622.dll
    Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-837.dll
    Adware:Adware/ExactSearch No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-124547-911.dll
    Spyware:Spyware/IESearchToolbarNo disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-131256-843.dll
    Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-234441-892.dll
    Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Desktop\HijackThis\backups\backup-20050429-234441-892.inf
    Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\180sainstaller.exe
    Virus:Trj/Qoologic.G Disinfected C:\Documents and Settings\Owner\Local Settings\Temp\D4.tmp
    Virus:Trj/Downloader.BYZ Disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Del14.tmp
    Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Del5.tmp
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\DrTemp\thin-144-1-x-x.exe
    Adware:Adware/E2Give No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\ei.exe
    Adware:Adware/ClkOptimizer No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\f6943906.exe
    Virus:Trj/Multidropper.XI Disinfected C:\Documents and Settings\Owner\Local Settings\Temp\razor_media_2_1.exe
    Adware:Adware/nCase No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\res15.tmp
    Adware:Adware/DelFinMedia No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\rm05040901.Stub.exe
    Adware:Adware/EliteBar No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\suicidetb.exe
    Adware:Adware/IPInsight No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI1073.tmp\farmmext.inf
    Adware:Adware/IPInsight No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI1073.tmp\farmmext.ini
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI4C56.tmp\ceres.cab
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI4C56.tmp\ceres.cab[ceres.inf]
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI4C56.tmp\ceres.cab[ceres.dll]
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI4C56.tmp\ceres.dll
    Spyware:Spyware/BetterInet No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\THI4C56.tmp\ceres.inf
    Adware:Adware/DelFinMedia No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\uppicsvr.exe
    Adware:Adware/MyWebSearch No disinfected C:\Documents and Settings\Owner\Local Settings\Temp\WToolsB.dll
    Adware:Adware/nCase No disinfected C:\Program Files\180search Assistant\saap.exe
    Adware:Adware/nCase No disinfected C:\Program Files\180search Assistant\saaphook.dll
    Adware:Adware/SearchAid No disinfected C:\Program Files\Common Files\submit2.exe
    Adware:Adware/DelFinMedia No disinfected C:\Program Files\Common Files\Uninstall Information\RemoveDisplayUtility.exe
    Spyware:Spyware/ClearSearch No disinfected C:\Program Files\tz19l2sa\2hj5dkr8.DLL
    Spyware:Spyware/ClearSearch No disinfected C:\Program Files\tz19l2sa\5zv6gnth.DLL
    Adware:Adware/WeatherCast No disinfected C:\Program Files\VVSN\VVSN.exe
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\atlmq32.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\autoheal.exe
    Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\ceres.dll
    Adware:Adware/MyWay No disinfected C:\WINDOWS\cfgmgr51.dll
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\d3ty32.dll
    Adware:Adware/SAHAgent No disinfected C:\WINDOWS\Downloaded Program Files\lkir8l2gm_.dll
    Adware:Adware/MediaTickets No disinfected C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.ocx
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\casino-ico.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\casino.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\dating-ico.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\dating.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\drugs-ico.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\drugs.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\fav-ico.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\fav.bmp
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\EliteToolBar\xml\images\virus.bmp
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\hsgzx.dll
    Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\inf\ceres.inf
    Adware:Adware/IPInsight No disinfected C:\WINDOWS\inf\farmmext.inf
    Adware:Adware/BookedSpace No disinfected C:\WINDOWS\kuybmkyv.exe
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\lhwpp.dll
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\sdkqh32.dll
    Virus:Trj/Downloader.BYZ Disinfected C:\WINDOWS\system32\1800414.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\angelex.exe
    Virus:Trj/Downloader.BOD Disinfected C:\WINDOWS\system32\Cache\AUNIcons.exe
    Adware:Adware/Apropos No disinfected C:\WINDOWS\system32\Cache\cxtpls_loader.exe
    Adware:Adware/PortalScan No disinfected C:\WINDOWS\system32\Cache\InstallAPS.exe
    Virus:Trj/Multidropper.XI Disinfected C:\WINDOWS\system32\Cache\installer.exe
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\Cache\installer_MARKETING17.exe
    Adware:Adware/E2Give No disinfected C:\WINDOWS\system32\Cache\pi1_51.exe
    Adware:Adware/VirtualBouncer No disinfected C:\WINDOWS\system32\Cache\wrapperouter.exe
    Virus:Trj/Prutec.M Disinfected C:\WINDOWS\system32\crytof.exe
    Possible Virus. No disinfected C:\WINDOWS\system32\datadx.dll
    Adware:Adware/ClkOptimizer No disinfected C:\WINDOWS\system32\dbdea.dll
    Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\delfin0414.dll
    Virus:Trj/Prutec.M Disinfected C:\WINDOWS\system32\dllsen.exe
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\exclean.exe
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\exdl1.exe
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\exul1.exe
    Possible Virus. No disinfected C:\WINDOWS\system32\flfksjk.dll
    Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\goldnew2b0414.dll
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ieeq32.exe
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\javexulm.vxd
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\kuqvg.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[msbe.dll]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[Uninstall.exe]
    Possible Virus. No disinfected C:\WINDOWS\system32\mac80ex.idf[bargains.exe]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adv.exe]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adx.exe]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mqexdlm.srg
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\msbe.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\msexreg.exe
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[exdl.exe]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[mqexdlm.srg]
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exul.exe]
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[javexulm.vxd]
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[msexreg.exe]
    Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exclean.exe]
    Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\nsvsvc\nsv.ocx
    Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\nsvsvc\nsvs.dll
    Adware:Adware/DelFinMedia No disinfected C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
    Adware:Adware/Adultlt No disinfected C:\WINDOWS\system32\oisikav.dll
    Virus:Trj/Qoologic.G Disinfected C:\WINDOWS\system32\qvqwu.dat
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\scdor.dll
    Virus:Trj/Prutec.M Disinfected C:\WINDOWS\system32\skytown.exe
    Adware:Adware/AdBehavior No disinfected C:\WINDOWS\system32\supdate.dll
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\sysyh32.exe
    Spyware:Spyware/Dyfuca No disinfected C:\WINDOWS\wsem302.dll
    Adware:Adware/SearchAid No disinfected C:\WINDOWS\ytnkt.dll
    Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\zeta.exe
  • SpywareShooterSpywareShooter 127.0.0.1
    edited July 2005
    Try booting into Safe Mode (with networking on) and run the scan. Then run it again in Normal Mode and post the log.
Sign In or Register to comment.