[inactive]HiJackThis log - lezlow
YOU URGENTLY REQUIRE SHOOT THE MESSENGER get it online or send me contact to reply i will forward to you [email removed due to spam bots] [/email]also on mess?
So heres the problem.
My computer has so much spyware and junk on it, that i can't navigate through a single web page without at least three pop up windows, well, popping up.
Ive ran adaware several times in the past to try and fix the problem, but it doesnt do much.
I know one of the problems is winpro2006, (or something similar to that), because it get endless pop-ups from them. ALSO, recently, a toolbar (vs toolbar i think) has shown up, unexplained, and wont leave.
My computer is so bogged down from all this junk. I did download all the programs, ran all the scans, and have all of my logs handy. If anyone can help me out, i would GREATLY appreciate it!! I have a cable modem, and my computer runs like dialup from 95.
I did the activescan, kaspersky, and panda, and was able to save all the logs, except for the panda.
When it finished, i went to save the log file, and go figure, my computer froze up on me. I didnt have the patience to run another 2.5 hour scan.
The kaspersky log file was WAY too long for me to post, but if it will be of any help, i can provide the results.
THANKS SO MUCH!!!
HiJack this log...
Logfile of HijackThis v1.99.1
Scan saved at 6:44:18 PM, on 11/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton\navapsvc.exe
C:\Program Files\Norton\AdvTools\NPROTECT.EXE
C:\Program Files\Norton\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {6355FE44-F11F-43DF-87F3-F24B754F9073} - C:\WINDOWS\system32\hnebwxex.dll
O2 - BHO: (no name) - {BB62073C-E9B8-4583-87AA-E841ACE1DACb} - C:\WINDOWS\system32\hnebwxex.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton\NavShExt.dll
O2 - BHO: MSEvents Object - {CE70731D-F28D-4D81-9D61-C8EE60378401} - C:\WINDOWS\system32\awvvs.dll
O2 - BHO: (no name) - {F18F04B0-9CF1-4b93-B004-77A288BEE28B} - C:\WINDOWS\system32\dtckfgvb.dll
O2 - BHO: (no name) - {F745E180-8911-4EC3-AA48-5440E646B8Af} - C:\WINDOWS\system32\hnebwxex.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton\NavShExt.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [vmlib] vmlib.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c420.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - http://pictures02.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.7.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: awvvs - C:\WINDOWS\system32\awvvs.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ithmjfyj - ithmjfyj.dll (file missing)
O20 - Winlogon Notify: mljge - mljge.dll (file missing)
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: rvohewbh - rvohewbh.dll (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Active scan log
Incident Status Location
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.winantivirus.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.zedo.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[server.iad.liveperson.net/hc/31953349]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Shannon\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Shannon\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\cookies.txt[winantivirus.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@ad.yieldmanager[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@atdmt[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@com[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@realmedia[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@stats1.reliablestats[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@tradedoubler[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@trafficmp[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@www.myaffiliateprogram[2].txt
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\Shannon\Local Settings\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\Cache\B23E4567d01
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[winantivirus.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.winantivirus.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[www.winantivirus.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.drivecleaner.com/]
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.errorsafe.com/]
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[www.systemdoctor.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[stats.drivecleaner.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.fastclick.net/]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-18022163-75b07a18.zip[Dummy.class]
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\Tim\Local Settings\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\Cache\004982A7d01
Potentially unwanted tool:Application/SystemDoctor2006 Not disinfected C:\Documents and Settings\Tim\Local Settings\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\Cache\069CD5C0d01
Potentially unwanted tool:Application/Zango Not disinfected C:\Documents and Settings\Tim\Local Settings\Temp\ZangoToolbarInstaller.exe[ZangoInstaller.exe]
Adware:Adware/Trymedia Not disinfected C:\Downloads\PrisonTycoonSetup-dm[1].exe
Adware:Adware/Trymedia Not disinfected C:\Downloads\WormsArmageddon-dm[1].exe
Potentially unwanted tool:Application/Zango Not disinfected C:\Program Files\Mozilla Firefox\plugins\npclntax.dll
Adware:adware/ncase Not disinfected C:\temp\salmau.dat
Adware:Adware/EliteBar Not disinfected C:\WINDOWS\blocklist.reg
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\aopnjvti.exe
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\awvvs.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\baondxjb.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\cnohdnym.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\dbeeogmo.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\dimidpbh.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\djbvsswk.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\egpmahlt.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\fxxdgbhq.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\ihkartxe.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\ioujjgpb.exe
Virus:Trj/ChampMailer.C Disinfected C:\WINDOWS\SYSTEM32\ithmjfyj.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\jtoqynwk.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\jxvxfwik.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\kabkggof.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\komapgyc.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\lhcurvqp.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\lnxyphrl.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\mskwpdxf.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\nixgsnpk.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\ofmagxam.exe
Adware:Adware/StartPage.AIW Not disinfected C:\WINDOWS\SYSTEM32\pmnnk.dll
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\qivmofjd.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\rbuyfxgh.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\rqifajuv.exe
Virus:Trj/ChampMailer.C Disinfected C:\WINDOWS\SYSTEM32\rvohewbh.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\sclhcmcb.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\uhyuvdru.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\vlnkbgrm.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\vtutr.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\xnijsvlq.exe[/QUOTE]
So heres the problem.
My computer has so much spyware and junk on it, that i can't navigate through a single web page without at least three pop up windows, well, popping up.
Ive ran adaware several times in the past to try and fix the problem, but it doesnt do much.
I know one of the problems is winpro2006, (or something similar to that), because it get endless pop-ups from them. ALSO, recently, a toolbar (vs toolbar i think) has shown up, unexplained, and wont leave.
My computer is so bogged down from all this junk. I did download all the programs, ran all the scans, and have all of my logs handy.
If anyone can help me out, i would GREATLY appreciate it!! I have a cable modem, and my computer runs like dialup from 95. I did the activescan, kaspersky, and panda, and was able to save all the logs, except for the panda.
When it finished, i went to save the log file, and go figure, my computer froze up on me. I didnt have the patience to run another 2.5 hour scan.
The kaspersky log file was WAY too long for me to post, but if it will be of any help, i can provide the results.
THANKS SO MUCH!!!
HiJack this log...
Logfile of HijackThis v1.99.1
Scan saved at 6:44:18 PM, on 11/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton\navapsvc.exe
C:\Program Files\Norton\AdvTools\NPROTECT.EXE
C:\Program Files\Norton\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {6355FE44-F11F-43DF-87F3-F24B754F9073} - C:\WINDOWS\system32\hnebwxex.dll
O2 - BHO: (no name) - {BB62073C-E9B8-4583-87AA-E841ACE1DACb} - C:\WINDOWS\system32\hnebwxex.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton\NavShExt.dll
O2 - BHO: MSEvents Object - {CE70731D-F28D-4D81-9D61-C8EE60378401} - C:\WINDOWS\system32\awvvs.dll
O2 - BHO: (no name) - {F18F04B0-9CF1-4b93-B004-77A288BEE28B} - C:\WINDOWS\system32\dtckfgvb.dll
O2 - BHO: (no name) - {F745E180-8911-4EC3-AA48-5440E646B8Af} - C:\WINDOWS\system32\hnebwxex.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton\NavShExt.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [vmlib] vmlib.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c420.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - http://pictures02.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.7.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: awvvs - C:\WINDOWS\system32\awvvs.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ithmjfyj - ithmjfyj.dll (file missing)
O20 - Winlogon Notify: mljge - mljge.dll (file missing)
O20 - Winlogon Notify: pmnno - C:\WINDOWS\system32\pmnno.dll (file missing)
O20 - Winlogon Notify: rvohewbh - rvohewbh.dll (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Active scan log
Incident Status Location
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.winantivirus.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.zedo.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[server.iad.liveperson.net/hc/31953349]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Erin\Application Data\Mozilla\Firefox\Profiles\hyppdtkj.default\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Shannon\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Shannon\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\cookies.txt[winantivirus.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@ad.yieldmanager[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@atdmt[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@com[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@realmedia[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@stats1.reliablestats[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@tradedoubler[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@trafficmp[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Shannon\Cookies\shannon@www.myaffiliateprogram[2].txt
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\Shannon\Local Settings\Application Data\Mozilla\Firefox\Profiles\1y5cwmf8.default\Cache\B23E4567d01
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[winantivirus.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.winantivirus.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[www.winantivirus.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.drivecleaner.com/]
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.errorsafe.com/]
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[www.systemdoctor.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[stats.drivecleaner.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Tim\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\cookies.txt[.fastclick.net/]
Hacktool:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Tim\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-18022163-75b07a18.zip[Dummy.class]
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\Tim\Local Settings\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\Cache\004982A7d01
Potentially unwanted tool:Application/SystemDoctor2006 Not disinfected C:\Documents and Settings\Tim\Local Settings\Application Data\Mozilla\Firefox\Profiles\hp2hxdq1.default\Cache\069CD5C0d01
Potentially unwanted tool:Application/Zango Not disinfected C:\Documents and Settings\Tim\Local Settings\Temp\ZangoToolbarInstaller.exe[ZangoInstaller.exe]
Adware:Adware/Trymedia Not disinfected C:\Downloads\PrisonTycoonSetup-dm[1].exe
Adware:Adware/Trymedia Not disinfected C:\Downloads\WormsArmageddon-dm[1].exe
Potentially unwanted tool:Application/Zango Not disinfected C:\Program Files\Mozilla Firefox\plugins\npclntax.dll
Adware:adware/ncase Not disinfected C:\temp\salmau.dat
Adware:Adware/EliteBar Not disinfected C:\WINDOWS\blocklist.reg
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\aopnjvti.exe
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\awvvs.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\baondxjb.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\cnohdnym.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\dbeeogmo.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\dimidpbh.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\djbvsswk.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\egpmahlt.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\fxxdgbhq.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\ihkartxe.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\ioujjgpb.exe
Virus:Trj/ChampMailer.C Disinfected C:\WINDOWS\SYSTEM32\ithmjfyj.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\jtoqynwk.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\jxvxfwik.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\kabkggof.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\komapgyc.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\lhcurvqp.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\lnxyphrl.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\mskwpdxf.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\nixgsnpk.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\ofmagxam.exe
Adware:Adware/StartPage.AIW Not disinfected C:\WINDOWS\SYSTEM32\pmnnk.dll
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\qivmofjd.exe
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\rbuyfxgh.exe
Adware:Adware/Popuper Not disinfected C:\WINDOWS\SYSTEM32\rqifajuv.exe
Virus:Trj/ChampMailer.C Disinfected C:\WINDOWS\SYSTEM32\rvohewbh.dll
Adware:Adware/SecurityError Not disinfected C:\WINDOWS\SYSTEM32\sclhcmcb.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\uhyuvdru.dll
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\SYSTEM32\vlnkbgrm.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\SYSTEM32\vtutr.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\SYSTEM32\xnijsvlq.exe[/QUOTE]
0
This discussion has been closed.
Comments
Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
- Install AVG Anti-Spyware by double clicking the installer.
- Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
- On the main screen under Your Computer's security.
- Click on Change state next to Resident shield. It should now change to inactive.
- Click on Change state next to Automatic updates. It should now change to inactive.
- Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
- Wait until you see the Update succesfull message.
- Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
- Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.
Reboot your computer in Safe Mode.
- If the computer is running, shut down Windows, and then turn off the power.
- Wait 30 seconds, and then turn the computer on.
- Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
- Ensure that the Safe Mode option is selected.
- Press Enter. The computer then begins to start in Safe mode.
- Login on your usual account.
Once in Safe Mode:Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
- Click on Scanner on the toolbar.
- Click on the Settings tab.
- Under How to act?
- Click on Recommended Action and choose Quarantine from the popup menu.
- Under How to scan?
- All checkboxes should be ticked.
- Under Possibly unwanted software:
- All checkboxes should be ticked.
- Under Reports:
- Select Automatically generate report after every scan and uncheck Only if threats were found.
- Under What to scan?
- Select Scan every file.
- Click on the Scan tab.
- Click on Complete System Scan to start the scan process.
- Let the program scan the machine.
- When the scan has finished, follow the instructions below.
- Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
- At the bottom of the window click on the Apply all Actions button. (3)
- When done, click the Save Scan Report button. (4)
- Click the Save Report as button.
- Save the report to your Desktop.
- Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot back into Normal Mode please post back the AVG log and new HJT logIMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
Infections can change and fresh instructions will now need to be given. This topic is now closed, if you still require assistance then please start a new topic in the Spyware & Virus Removal Forum
If you wish this topic reopened, please send a Private Message (PM) to one of the Spyware Mods with a link to your thread.
Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required.
If you are not the user who started this thread, you must start a new Thread instead