Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Bad dll file that I cannot kill

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 14th, 2007, 9:56 am

Sorry for that. Some thing isn't quite right and I'm trying to figure out that.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am
Advertisement
Register to Remove

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 14th, 2007, 12:49 pm

Hi Jamie. :)

Step 1

Please open Notepad and copy and paste the following in the Code box into Notepad:

Code: Select all
FileLook::
C:\WINDOWS\system32\MuteHook.dll
C:\WINDOWS\system32\MyCfHook.dll


Click on File > Save As....

In the File Name box, copy and paste in CFScript.txt. You will be prompted that this file already exists and if you want to overwrite it. Click Yes. Do not change the file name.

Click Save.

Referring to the picture below, drag CFScript into Combofix.

Image

Combofix will start running. Please post back the Combofix log and a new HijackThis log in your next reply.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 14th, 2007, 6:17 pm

AVG caught two virus while ComboFix ran. Here are the results:

ComboFix:

ComboFix 07-11-08.1 - Jamie 2007-11-14 15:56:24.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.181 [GMT -6:00]
Running from: C:\Documents and Settings\Jamie\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jamie\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-10-14 to 2007-11-14 )))))))))))))))))))))))))))))))
.

2007-11-14 02:51 10,368 --------- C:\WINDOWS\system32\drivers\iviaspi.sys
2007-11-14 02:50 10,368 --a------ C:\WINDOWS\system32\iviaspi.sys
2007-11-14 02:49 <DIR> d-------- C:\Program Files\Sandisk
2007-11-12 18:36 <DIR> d-------- C:\Program Files\Virtual Laguna Beach
2007-11-11 02:47 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-10 06:47 <DIR> d-------- C:\Documents and Settings\Jamie\Application Data\TrojanHunter
2007-11-10 05:14 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2007-11-09 01:02 208,996 --a------ C:\WINDOWS\system32\MuteHook.dll
2007-11-09 01:00 208,997 --a------ C:\WINDOWS\system32\MyCfHook.dll
2007-11-06 23:16 <DIR> d-------- C:\Program Files\VirtualDJ
2007-11-06 06:52 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-10-26 19:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2007-10-23 00:30 <DIR> d-------- C:\Program Files\Crocodile 2.0
2007-10-20 15:58 <DIR> d-------- C:\Program Files\SuperWebcam
2007-10-20 15:57 31,872 --a------ C:\WINDOWS\system32\drivers\superwebcam.sys
2007-10-18 00:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2007-10-18 00:25 <DIR> d-------- C:\users
2007-10-18 00:25 <DIR> d-------- C:\My Games
2007-10-18 00:22 <DIR> d-------- C:\Program Files\RealArcade

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-14 21:16 --------- d-----w C:\Documents and Settings\Jamie\Application Data\SiteAdvisor
2007-11-14 16:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-11-14 08:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-11 12:28 --------- d-----w C:\Program Files\PeerGuardian2
2007-11-11 06:32 --------- d-----w C:\Program Files\Kermit
2007-11-10 09:57 --------- d-----w C:\Documents and Settings\Jamie\Application Data\AVG7
2007-11-10 09:45 --------- d-----w C:\Documents and Settings\Jamie\Application Data\Registry Booster
2007-11-10 09:04 --------- d-----w C:\Documents and Settings\Jamie\Application Data\uTorrent
2007-11-08 12:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-30 04:29 --------- d-----w C:\Program Files\Google
2007-10-29 22:10 --------- d-----w C:\Documents and Settings\Jamie\Application Data\Camfrog
2007-10-27 01:44 --------- d-----w C:\Program Files\WebcamMax
2007-10-27 01:38 --------- d-----w C:\Program Files\RSSoft
2007-10-26 03:36 8,454,656 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-22 05:23 --------- d-----w C:\Program Files\Camfrog DJ
2007-10-12 01:19 --------- d-----w C:\Program Files\MTV Networks
2007-10-11 15:56 --------- d-----w C:\Program Files\Game Elements PC Recoil Pad
2007-10-06 01:00 --------- d-----w C:\Documents and Settings\Jamie\Application Data\Webcammax
2007-09-27 20:18 --------- d-----w C:\Program Files\Java
2007-09-20 07:46 --------- d-----w C:\Program Files\ICE
2007-09-18 22:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-09-14 01:11 --------- d-----w C:\Documents and Settings\Jamie\Application Data\MySpace
2007-09-14 01:10 --------- d-----w C:\Program Files\MySpace
2007-08-22 13:12 96,256 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 13:12 658,944 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 13:12 615,424 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 13:12 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 13:12 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 13:12 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 13:12 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 13:12 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 13:12 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 13:12 3,058,176 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 13:12 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 13:12 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 13:12 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 13:12 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 13:12 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 13:12 1,494,528 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 13:12 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 13:12 1,022,976 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:30 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-11_ 3.08.56.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-09-28 05:19:40 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-12-19 21:52:18 8,453,632 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:36:51 8,454,656 ----a-w C:\WINDOWS\system32\shell32.dll
- 2007-08-21 10:20:02 115,712 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 10:26:53 115,712 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2007-11-11 08:19:14 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2007-11-14 10:10:45 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
- 2007-11-10 12:01:00 6,648,158 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-11-14 16:01:19 6,706,762 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 19:12]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:34]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 15:48]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 16:34]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-08 23:02]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-24 06:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Speaking Clock Lite"="C:\Program Files\Speaking Clock\SpClock.exe" [2003-03-02 10:15]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
NaturalColorLoad.lnk - C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe [2006-02-22 22:15:49]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys
R3 PAC207;PC Camer@;C:\WINDOWS\system32\DRIVERS\PFC027.SYS
R3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;C:\WINDOWS\system32\DRIVERS\superwebcam.sys
S3 gkmixern;gkmixern;\??\C:\DOCUME~1\Jamie\LOCALS~1\Temp\gkmixern.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-14 10:12:29 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-14 16:02:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-14 16:04:20
C:\ComboFix2.txt ... 2007-11-12 07:14
C:\ComboFix3.txt ... 2007-11-11 03:13
.
--- E O F ---

HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 4:16:51 PM, on 11/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Speaking Clock\SpClock.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trendmicro.com/hc_intro/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [Speaking Clock Lite] C:\Program Files\Speaking Clock\SpClock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.memphiszoo.org
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Thanks again. Off to work. I'll check back in 9 hours.

Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 15th, 2007, 12:29 am

Hi Jamie,

I would like to verify something.

  1. Open My Computer.
  2. Go to Tools > Folder Options.
  3. Select the View tab.
  4. Scroll down to Hidden files and folders.
  5. Select Show hidden files and folders.
  6. Uncheck (untick) Hide extensions of known file types.
  7. Uncheck (untick) Hide protected operating system files (Recommended).
  8. Click Yes when prompted.
  9. Click OK.
  10. Close My Computer.

Please navigate to C:\Windows\System32 folder.

Do you see these 2 files?

1. MuteHook.dll
2. MyCfHook.dll
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 15th, 2007, 4:41 am

They are both still there. How do we get rid of them, if
that's what is needed?

Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 16th, 2007, 2:16 am

Hi Jamie,

Let's try again if it works.

If it gives a warning about "File not found", ignore it.

Please go to Virus Total or Jotti and upload C:\Windows\System32\MuteHook.dll for scanning.

For Virus Total

  1. Please copy and paste C:\Windows\System32\MuteHook.dll in the text box next to the Browse button.
  2. Click on Send File.

For Jotti

  1. Please copy and paste C:\Windows\System32\MuteHook.dll in the text box next to the Browse button.
  2. Click on Submit.

Copy and paste the scan results to a document before uploading the next file for a scan.

Repeat for C:\Windows\System32\MyCfHook.dll

Please copy and paste the scan results of these 2 files in your next reply.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 16th, 2007, 4:59 am

Here we go. I used BOTH services this time.
For MuteHook.dll
Jotti got
Service load:
0% 100%
File: MuteHook.dll
Status:
OK
MD5: 9e649ade6b670813d78fddd283911433
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 16 Nov 2007 08:31:12 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

VirusTotal got:
File MyCfHook.dll received on 11.16.2007 09:36:28 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/32 (0%)
Additional information
File size: 208997 bytes
MD5: e7dad9f25fc84e2c0d86e79f55179528
SHA1: 13c9207a5e63a4dda32ec4bb586279c6e08eff64

*****************************************************************************************
For the MyCfHook.dll file:

Jotti got:
Service load:
0% 100%
File: MyCfHook.dll
Status:
OK
MD5: e7dad9f25fc84e2c0d86e79f55179528
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 16 Nov 2007 08:48:01 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

VirusTotal got:
File MyCfHook.dll received on 11.16.2007 09:52:15 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/32 (0%)

Additional information
File size: 208997 bytes
MD5: e7dad9f25fc84e2c0d86e79f55179528
SHA1: 13c9207a5e63a4dda32ec4bb586279c6e08eff64

Am I good yet?

Thanks,
Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 16th, 2007, 5:07 am

Hi Jamie,

The 2 files look OK.

Step 1

  1. Please download AVG Anti-Spyware and save it to your desktop.
  2. Double click on avgas-setup-7.5.0.50.exe to install AVG Anti-Spyware. Install it in the default location.
  3. Once installed, start AVG Anti-Spyware by going to Start > All Programs > AVG Anti-Spyware 7.5 > AVG Anti-Spyware.
  4. In the main screen, you should see Your Computer's Security.
    • Next to Resident Shield, click on Change state. It should now be Inactive.
    • Next to Automatic Updates, click on Change state. It should now be Inactive.
    • Next to Last Update, click on Update now. If your firewall prompts you, tell your firewall to allow it. Should you be unable to update it, download the updates from here. Save it to your desktop. Double click to run the installation and the updates will be installed. Make sure AVG Anti-Spyware is closed during the installation.
    • Right-click the AVG Anti-Spyware icon near the clock and uncheck (untick) Start with Windows. Confirm by clicking Yes.
  5. Now click on the Scanner button at the top.
  6. Select the Settings tab.
  7. Under How to act?, click on Recommended actions and select Quarantine.
  8. Under How to scan?, check (tick) all the boxes.
  9. Under Possibly unwanted software:, check (tick) all the boxes.
  10. Under Reports:, uncheck (untick) the Only if threats were found box and select Do not automatically generate report.
  11. Under What to scan?, select Scan every file.
Do not run a scan yet. You will run a scan later.

Step 2

Please download ATF Cleaner by Atribune.

  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All.
  • Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All.
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All.
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Step 3

Please print out or save this set of instructions as you will not have internet access during the fix.

Reboot into Safe Mode by following the instructions below:

  • When you see BIOS screen, start pressing F8.
  • A boot menu will appear shortly.
  • Using the up down arrows, select Safe Mode and press the Enter key.
  • Windows will now load.
  • Log in to your usual account.

Step 4

  1. Start AVG Anti-Spyware by going to Start > All Programs > AVG Anti-Spyware 7.5 > AVG Anti-Spyware.
  2. Click on the Scanner button at the top.
  3. Select the Scan tab.
  4. Click on Complete System Scan to start the scan.
  5. When the scan has finished, follow the instructions below.
    IMPORTANT: Don't click on the Save Scan Report button before you did hit the Apply all Actions button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Image
  6. When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  7. Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
Restart your computer in Normal Mode.

In your next reply, please post:

  1. AVG Antispyware scan report
  2. A new HijackThis log
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 16th, 2007, 6:47 am

I'm purchasing a printer today, so I'll give these new instructions a
try tonight. I actually already have ATF-Cleaner. Thanks again for
all the help, and I'll post the results later tonight.

Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 17th, 2007, 5:43 am

All righty, here are the latest steps:

AVG Report:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:18:01 AM 11/17/2007

+ Scan result:



:mozilla.229:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.479:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.527:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.183:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.184:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.185:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.186:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.187:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.188:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.189:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.190:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.191:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.192:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.193:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.194:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.195:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.196:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.197:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.198:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.199:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.200:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.201:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.202:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.203:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.204:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.205:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.206:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.207:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.208:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.209:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.210:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.211:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.212:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.213:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.214:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.215:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.216:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.217:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.218:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.219:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.220:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.221:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.222:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.223:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.224:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.225:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.226:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.227:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.228:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.229:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.230:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.230:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.231:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.232:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.306:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.342:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.453:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.608:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.694:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.814:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.866:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.869:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.871:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.926:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.343:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.344:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.345:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.346:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.56:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.57:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.11:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.12:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.179:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Adjuggler : Error during cleaning.
:mozilla.795:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.240:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Adnet : Cleaned.
:mozilla.824:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.190:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.191:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Adtech : Error during cleaning.
:mozilla.241:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.242:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.486:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.487:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.688:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.33:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.51:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.594:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Bluemountain : Cleaned.
:mozilla.13:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Bluestreak : Error during cleaning.
:mozilla.429:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.224:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Bridgetrack : Error during cleaning.
:mozilla.225:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Bridgetrack : Error during cleaning.
:mozilla.537:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.538:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.794:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.450:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.705:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.60:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.86:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.820:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.821:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.268:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.269:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.270:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.271:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.92:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.34:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.35:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.35:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.36:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.37:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.91:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.891:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.892:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.843:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Hypertracker : Cleaned.
:mozilla.138:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.139:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.170:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.171:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.481:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.603:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.624:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Information : Cleaned.
:mozilla.797:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Information : Cleaned.
:mozilla.715:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Intelli-direct : Cleaned.
:mozilla.315:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.316:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.608:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.609:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.488:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Paycounter : Cleaned.
:mozilla.476:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.477:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.478:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.479:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.480:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.481:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.482:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.483:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.484:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.602:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.603:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.604:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.605:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.645:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.646:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.647:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.114:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.115:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Qksrv : Error during cleaning.
:mozilla.649:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.650:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.659:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.660:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.123:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Real : Cleaned.
:mozilla.218:C:\Program Files\Support.com\backup\co\cookies.txt\20591_588b50be3_/cookies.txt -> TrackingCookie.Real : Error during cleaning.
:mozilla.529:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.530:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.531:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.532:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.546:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.547:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.548:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Real : Cleaned.
:mozilla.100:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.101:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.102:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.103:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.104:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.31:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.32:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.33:C:\Program Files\Support.com\backup\co\cookies.txt\3124_5bdf5deee_/cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.652:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.653:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.662:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.663:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.98:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.99:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.492:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.76:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.77:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.78:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.79:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.80:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.81:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.82:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.83:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.84:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.85:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.86:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.87:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.88:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.89:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.90:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.91:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.380:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.389:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.390:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.560:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.595:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.596:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.597:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.598:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.599:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.600:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.610:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.611:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.227:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.376:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.310:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.311:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.558:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.411:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.412:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.749:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.750:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.277:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.278:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.279:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.280:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.281:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.282:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.283:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.284:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.285:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.286:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.287:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.288:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.289:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.290:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.294:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.33:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.462:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.757:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookies-2.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.99:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.17:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.18:C:\Program Files\Support.com\backup\co\cookies.txt\3046_57fb375e6_/cookies.txt -> TrackingCookie.Valueclick : Error during cleaning.
:mozilla.102:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.103:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.104:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.105:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.105:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.106:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.106:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.107:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.107:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.108:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.109:C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cookiesnew.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.109:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.110:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.111:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.112:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.113:F:\Main Backup\Firefox Backups\cookies{default}.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end

HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 3:42:48 AM, on 11/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Speaking Clock\SpClock.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trendmicro.com/hc_intro/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Speaking Clock Lite] C:\Program Files\Speaking Clock\SpClock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.memphiszoo.org
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Thanks,
Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 17th, 2007, 9:49 am

Hi Jamie,

Please go to Kaspersky website and perform an online antivirus scan. Please use Internet Explorer as it uses ActiveX.

  1. Click on Kaspersky Online Scanner button.
  2. Read through the requirements and privacy statement and click on Accept button.
  3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an ActiveX from Kaspersky. Click Yes.
  4. When the downloads have finished, click on Next button.
  5. Click on Scan Settings button.
  6. Select extended under Scan using the following antivirus database:
  7. Check (tick) these boxes under Scan options:
    • Scan Archives
    • Scan Mail Bases
  8. Click OK
  9. Click on My Computer under Please select a target to scan:
  10. Once the scan is complete it will display if your system has been infected. Click on Save as text button and save it to your desktop.
  11. Copy and paste this log in your next reply.

In your next reply, please post:

  1. Kaspersky Antivirus scan report
  2. A new HijackThis log
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 17th, 2007, 7:22 pm

That found 4 virus in 10 places. Daymn, but I do hope we can
finally get my system cleaned up. I really do appreciate all
the help you guys provide for free!

Here is the kaspersky log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, November 17, 2007 5:13:57 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 17/11/2007
Kaspersky Anti-Virus database records: 460891
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 163874
Number of viruses found: 4
Number of infected objects: 10
Number of suspicious objects: 0
Duration of the scan process: 04:45:39

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-07062007-234612.log Object is locked skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\00007B1B.DAT.bac_a03660/[From "joebob" <yczhhvbw@wcyggtbu.com>][Date Fri, 12 May 2006 02:57:34 GMT]/UNNAMED/teen_msn_cam_shots.scr Infected: Backdoor.Win32.Hackarmy.gen skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\00007B1B.DAT.bac_a03660/[From "joebob" <yczhhvbw@wcyggtbu.com>][Date Fri, 12 May 2006 02:57:34 GMT]/UNNAMED Infected: Backdoor.Win32.Hackarmy.gen skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\00007B1B.DAT.bac_a03660 Mail: infected - 2 skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\00007B1B.DAT.bac_a03660 CryptFF.b: infected - 2 skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\pyxpchsl.dll.bac_a03388 Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\Documents and Settings\Jamie\.housecall6.6\Quarantine\seywnjib.dll.bac_a03388 Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\cert8.db Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\history.dat Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\key3.db Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\parent.lock Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Jamie\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Jamie\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Application Data\Mozilla\Firefox\Profiles\x9hodb40.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Temp\~DF4818.tmp Object is locked skipped
C:\Documents and Settings\Jamie\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jamie\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Jamie\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP11\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\D6Q6PG81.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{C2D35712-6B72-4659-ACCF-AEAC57CA52D1}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\ZLT06b6c.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT06bb3.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
F:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP11\change.log Object is locked skipped
F:\New Downloaded Programs\keyloggerspymonitor.exe/file12 Infected: not-a-virus:Monitor.Win32.PowerSpy.f skipped
F:\New Downloaded Programs\keyloggerspymonitor.exe Inno: infected - 1 skipped
F:\New Downloaded Programs\screenspymonitor.exe/file10 Infected: not-a-virus:Monitor.Win32.PowerSpy.f skipped
F:\New Downloaded Programs\screenspymonitor.exe Inno: infected - 1 skipped

Scan process completed.


And the new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 5:19:10 PM, on 11/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Speaking Clock\SpClock.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trendmicro.com/hc_intro/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IntelMeM] "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Speaking Clock Lite] C:\Program Files\Speaking Clock\SpClock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.memphiszoo.org
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Again, much thanks.

Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 17th, 2007, 10:12 pm

Hi Jamie,

Did you download these yourself?

F:\New Downloaded Programs\keyloggerspymonitor.exe/file12 Infected: not-a-virus:Monitor.Win32.PowerSpy.f skipped
F:\New Downloaded Programs\keyloggerspymonitor.exe Inno: infected - 1 skipped
F:\New Downloaded Programs\screenspymonitor.exe/file10 Infected: not-a-virus:Monitor.Win32.PowerSpy.f skipped
F:\New Downloaded Programs\screenspymonitor.exe Inno: infected - 1 skipped
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: Bad dll file that I cannot kill

Unread postby DrPostman » November 17th, 2007, 10:36 pm

Yes I did. They are free trial software for monitoring the
activities of my GF's 16 year old son. After he told a
26 year old digbat woman form Iowa that she could drive
down to Memphis with nothing more than enough gas money
to get here that I would let her stay and feed her until she
could get back on her feet. She picked the wrong state
since the AOC is 18. Anyway, I haven't tried them yet

If I delete them that will be the end of my problems?

Jamie
DrPostman
Regular Member
 
Posts: 41
Joined: November 10th, 2007, 7:01 am

Re: Bad dll file that I cannot kill

Unread postby ndmmxiaomayi » November 17th, 2007, 10:41 pm

I don't know much about keyloggers. I'll ask around for more info. Please be patient.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 46 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware