Need help, computer acting very, very messed up.
ok my symptoms are:
Takes forever for my computer to restart all of a sudden. Takes like 3 minutes.
My bookmarks are gone.
Firefox wont save bookmarks anymore.
Very sluggish now.
Here is a logfile for HijackThis. Im tired of my computer always getting messed up too, so if you could, could you give me some advice on how to keep it clean. Like are there any free programs or anything that you would suggest to help me out. I used to F-Disk every 3-4 months because my comp would get so messed up. Now I don't want to because it would take way....way...way to long to get everything back and more than half the stuff wont fit on a CD. PLEASE HELP ME! Thanks to who ever does I really do appreciate it.
Logfile of HijackThis v1.99.1
Scan saved at 4:31:58 PM, on 1/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bryan\Desktop\Virus Protectors\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Takes forever for my computer to restart all of a sudden. Takes like 3 minutes.
My bookmarks are gone.
Firefox wont save bookmarks anymore.
Very sluggish now.
Here is a logfile for HijackThis. Im tired of my computer always getting messed up too, so if you could, could you give me some advice on how to keep it clean. Like are there any free programs or anything that you would suggest to help me out. I used to F-Disk every 3-4 months because my comp would get so messed up. Now I don't want to because it would take way....way...way to long to get everything back and more than half the stuff wont fit on a CD. PLEASE HELP ME! Thanks to who ever does I really do appreciate it.
Logfile of HijackThis v1.99.1
Scan saved at 4:31:58 PM, on 1/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bryan\Desktop\Virus Protectors\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
0
Comments
Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
http://www.ewido.net/en/download/
- Install AVG Anti-Spyware by double clicking the installer.
- Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
- On the main screen under Your Computer's security.
- Click on Change state next to Resident shield. It should now change to inactive.
- Click on Change state next to Automatic updates. It should now change to inactive.
- Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
- Wait until you see the Update succesfull message.
- Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
- Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.
Reboot your computer in Safe Mode.
- If the computer is running, shut down Windows, and then turn off the power.
- Wait 30 seconds, and then turn the computer on.
- Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
- Ensure that the Safe Mode option is selected.
- Press Enter. The computer then begins to start in Safe mode.
- Login on your usual account.
Once in Safe Mode:Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
- Click on Scanner on the toolbar.
- Click on the Settings tab.
- Under How to act?
- Click on Recommended Action and choose Quarantine from the popup menu.
- Under How to scan?
- All checkboxes should be ticked.
- Under Possibly unwanted software:
- All checkboxes should be ticked.
- Under Reports:
- Select Automatically generate report after every scan and uncheck Only if threats were found.
- Under What to scan?
- Select Scan every file.
- Click on the Scan tab.
- Click on Complete System Scan to start the scan process.
- Let the program scan the machine.
- When the scan has finished, follow the instructions below.
- Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
- At the bottom of the window click on the Apply all Actions button. (3)
- When done, click the Save Scan Report button. (4)
- Click the Save Report as button.
- Save the report to your Desktop.
- Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Reboot back into Normal Mode please post back the AVG log and new HJT logIMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.
Scan saved at 8:18:10 PM, on 1/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Documents and Settings\Bryan\Desktop\Virus Protectors\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\Bryan\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\Bryan\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
__________________________________________
AVG Anti-Spyware - Scan Report
+ Created at: 8:14:03 PM 1/31/2007
+ Scan result:
C:\Documents and Settings\Bryan\Desktop\Virus Protectors\kill2me.zip/Kill2Me.exe -> Adware.LookMe : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.76:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.78:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.79:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.180:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.181:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.183:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.184:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.185:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.186:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.30:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.41:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.162:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.220:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.221:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.222:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.223:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.224:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.218:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.257:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.43:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.44:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.45:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.46:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.47:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.48:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.34:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.37:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.268:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.269:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.270:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.271:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.89:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.90:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.104:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.52:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.60:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.66:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.113:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.114:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.115:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.179:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.182:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.169:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.175:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.176:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.177:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.178:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.238:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.239:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.170:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.171:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.172:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.173:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.174:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Bryan\Cookies\bryan@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.155:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.80:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.81:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.82:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.83:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.84:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.85:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.86:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.87:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.88:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.51:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.262:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.11:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.12:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.13:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.240:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.241:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.242:C:\Documents and Settings\Bryan\Application Data\Mozilla\Firefox\Profiles\ngh59heq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
thanks for the help.
- Double-click ATF-Cleaner.exe to run the program.
- Click Select All found at the bottom of the list.
- Click the Empty Selected button.
If you use Firefox browser, do this also:- Click Firefox at the top and choose Select All from the list.
- Click the Empty Selected button.
- NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:- Click Opera at the top and choose Select All from the list.
- Click the Empty Selected button.
- NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.then reboot post new HJT, how's the computer now?
Scan saved at 10:51:25 PM, on 1/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\AIM\AIMWDI~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Bryan\Desktop\Virus Protectors\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AIMWDInstallFilename] C:\PROGRA~1\AIM\AIMWDI~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\Bryan\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Documents and Settings\Bryan\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
______________________________
Its sort of working better. Firefox still wont let me save bookmarks the correct way and when I do save them there is no text telling you what it is. There is just an avatar there so you kind of know what it is. Its still pretty slow starting up and what not.
I dont know, I think my computer might be un-fixable.