Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My hijack this log.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My hijack this log.

Unread postby smurcoch » February 19th, 2008, 11:11 pm

Comp has been running slowly since my sister decided to install trial games with tons of spyware...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:21 PM, on 2/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - (no file)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-ABCD-7DD20B862223} - C:\Program Files\Helper\1202269255.dll
O3 - Toolbar: (no name) - {8113B5DE-F7EB-4154-A311-497FB80D8BD0} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Online Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Online Add-on\isfmntr.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.freeietool.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Go%20Go%20Gourmet/Images/stg_drm.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0997485609
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Paparazzi/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: epineurial - {27cb634d-c84e-4c00-9b53-f5523601dbad} - (no file)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 6783 bytes
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada
Advertisement
Register to Remove

Re: My hijack this log.

Unread postby sjpritch25 » February 20th, 2008, 1:25 pm

Welcome to MR :hello2:

Please download SmitfraudFix
to your Desktop.
Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby smurcoch » February 20th, 2008, 6:58 pm

Code: Select all
SmitFraudFix v2.292

Scan done at 15:55:46.78, Wed 02/20/2008
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Justin


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Justin\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Justin\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop

C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 

C:\Program Files\Helper\ FOUND !
C:\Program Files\Online Add-on\ FOUND !
C:\Program Files\Sotfone\ FOUND !
C:\Program Files\VirusProtect 3.9\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
DNS Server Search Order: 154.11.129.59
DNS Server Search Order: 154.11.129.187

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End



there it is :)
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby sjpritch25 » February 20th, 2008, 7:50 pm

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, double-click SmitfraudFix.exe
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new HijackThis log.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning : running option #2 on a non infected computer will remove your Desktop background.



========================================

Please perform a scan with Panda ActiveScan - ActiveScan does not remove adware/spyware but will autoclean for viruses & worms. 1. Click "Scan Your PC". 2. A new window will open. Click "Check Now!". 3. Fill in your registration and click "Scan Now!". 4. You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component. 5. A new window will appear asking "Do you want to install this software?"" Name: asinst.cab. 6. Select "Install" to download the ActiveX controls that allows ActiveScan to run. 7. If running MSAS beta you may receive an alert that an IE ActiveX program requires your approval. Click "Allow". 8. Select a device to scan: Click on "Local Disks" [allow it to Auto Clean]. 9. When the scan completes, if anything malicious is detected, click the "See Report button", then "Save Report" to your desktop. 10. Post back the results of your scan and any infected files that are found but not deleted.
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby smurcoch » February 20th, 2008, 8:34 pm

Code: Select all
SmitFraudFix v2.292

Scan done at 17:20:27.76, Wed 02/20/2008
Run from C:\Documents and Settings\Justin\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
C:\Program Files\Helper\ Deleted
C:\Program Files\Online Add-on\ Deleted
C:\Program Files\Sotfone\ Deleted
C:\Program Files\VirusProtect 3.9\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4487430E-5896-4315-A412-6A7CC5B17BE6}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=154.11.129.59 154.11.129.187
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
 
Registry Cleaning done. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End



still running slow and using 400mB (!) with just one account logged in, messenger, and firefox open, after a fresh format and updates and everything, its usually around 290-320mB, while havingf more programs opened.

Is there anything else I can do to optimize my comp? at this point im leaning towards a fresh format, which is suchh a pain in the arse.

Unless you guys have tricks up your sleeves that I dont know about :P. I'm doing that online scan right now I'll update when its done
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby smurcoch » February 21st, 2008, 1:09 am

okay I did the virus scan and saved the log. I have some spyware, so I'll get one of the reccomended programs in the faq,

Code: Select all
Incident                                                                        Status                        Location                                                                                                                                                                                                                                                        

Spyware:Cookie/Doubleclick                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.doubleclick.net/]                                                                                                                                      
Spyware:Cookie/Tribalfusion                                                     Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.tribalfusion.com/]                                                                                                                                     
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.casalemedia.com/]                                                                                                                                      
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[ad.yieldmanager.com/]                                                                                                                                   
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.casalemedia.com/]                                                                                                                                      
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[ad.yieldmanager.com/]                                                                                                                                   
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.247realmedia.com/]                                                                                                                                     
Spyware:Cookie/FastClick                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.fastclick.net/]                                                                                                                                        
Spyware:Cookie/Zedo                                                             Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.zedo.com/]                                                                                                                                             
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.atdmt.com/]                                                                                                                                            
Spyware:Cookie/Linksynergy                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.linksynergy.com/]                                                                                                                                      
Spyware:Cookie/Server.iad.Liveperson                                            Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[server.iad.liveperson.net/hc/24631554]                                                                                                                  
Spyware:Cookie/Server.iad.Liveperson                                            Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[server.iad.liveperson.net/]                                                                                                                             
Spyware:Cookie/WUpd                                                             Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.revenue.net/]                                                                                                                                          
Spyware:Cookie/Searchportal                                                     Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[searchportal.information.com/]                                                                                                                          
Spyware:Cookie/Toplist                                                          Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.toplist.cz/]                                                                                                                                           
Spyware:Cookie/Statcounter                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.statcounter.com/]                                                                                                                                      
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.serving-sys.com/]                                                                                                                                      
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.bs.serving-sys.com/]                                                                                                                                   
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.serving-sys.com/]                                                                                                                                      
Spyware:Cookie/WebtrendsLive                                                    Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[statse.webtrendslive.com/]                                                                                                                              
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.advertising.com/]                                                                                                                                      
Spyware:Cookie/Tradedoubler                                                     Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.tradedoubler.com/]                                                                                                                                     
Spyware:Cookie/Overture                                                         Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.overture.com/]                                                                                                                                         
Spyware:Cookie/Mediaplex                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.mediaplex.com/]                                                                                                                                        
Spyware:Cookie/Xiti                                                             Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.xiti.com/]                                                                                                                                             
Spyware:Cookie/Apmebf                                                           Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.apmebf.com/]                                                                                                                                           
Spyware:Cookie/QuestionMarket                                                   Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.questionmarket.com/]                                                                                                                                   
Spyware:Cookie/BurstNet                                                         Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.burstnet.com/]                                                                                                                                         
Spyware:Cookie/Adrevolver                                                       Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.adrevolver.com/]                                                                                                                                       
Spyware:Cookie/Atwola                                                           Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.atwola.com/]                                                                                                                                           
Spyware:Cookie/Com.com                                                          Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.com.com/]                                                                                                                                              
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.realmedia.com/]                                                                                                                                        
Spyware:Cookie/PointRoll                                                        Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.ads.pointroll.com/]                                                                                                                                    
Spyware:Cookie/Bluestreak                                                       Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.bluestreak.com/]                                                                                                                                       
Spyware:Cookie/Adtech                                                           Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.adtech.de/]                                                                                                                                            
Spyware:Cookie/Go                                                               Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.go.com/]                                                                                                                                               
Spyware:Cookie/Hitbox                                                           Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[.ehg-dig.hitbox.com/]                                                                                                                                   
Spyware:Cookie/BurstBeacon                                                      Not disinfected               C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\f6tj9rnm.default\cookies.txt[www.burstbeacon.com/]                                                                                                                                   
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@247realmedia[2].txt                                                                                                                                                                                             
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@ad.yieldmanager[1].txt                                                                                                                                                                                          
Spyware:Cookie/PointRoll                                                        Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@ads.pointroll[2].txt                                                                                                                                                                                            
Spyware:Cookie/Adtech                                                           Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@adtech[1].txt                                                                                                                                                                                                   
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@advertising[2].txt                                                                                                                                                                                              
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@atdmt[2].txt                                                                                                                                                                                                    
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@casalemedia[1].txt                                                                                                                                                                                              
Spyware:Cookie/Doubleclick                                                      Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@doubleclick[1].txt                                                                                                                                                                                              
Spyware:Cookie/FastClick                                                        Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[1].txt                                                                                                                                                                                                
Spyware:Cookie/Linksynergy                                                      Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@linksynergy[2].txt                                                                                                                                                                                              
Spyware:Cookie/Mediaplex                                                        Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@mediaplex[1].txt                                                                                                                                                                                                
Spyware:Cookie/Overture                                                         Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@overture[1].txt                                                                                                                                                                                                 
Spyware:Cookie/QuestionMarket                                                   Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@questionmarket[1].txt                                                                                                                                                                                           
Spyware:Cookie/Statcounter                                                      Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@statcounter[2].txt                                                                                                                                                                                              
Spyware:Cookie/WebtrendsLive                                                    Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@statse.webtrendslive[2].txt                                                                                                                                                                                     
Spyware:Cookie/Tribalfusion                                                     Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@tribalfusion[2].txt                                                                                                                                                                                             
Spyware:Cookie/Zedo                                                             Not disinfected               C:\Documents and Settings\Ashley\Cookies\ashley@zedo[1].txt                                                                                                                                                                                                     
Potentially unwanted tool:Application/AVSystemCare                              Not disinfected               C:\Documents and Settings\Ashley\Local Settings\Temporary Internet Files\Content.IE5\X4JNO5DE\install_en[1].exe                                                                                                                                                 
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.advertising.com/]                                                                                                                                       
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.casalemedia.com/]                                                                                                                                       
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.advertising.com/]                                                                                                                                       
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.atdmt.com/]                                                                                                                                             
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[ad.yieldmanager.com/]                                                                                                                                    
Spyware:Cookie/Doubleclick                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.doubleclick.net/]                                                                                                                                       
Spyware:Cookie/WebtrendsLive                                                    Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[statse.webtrendslive.com/]                                                                                                                               
Spyware:Cookie/Mediaplex                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.mediaplex.com/]                                                                                                                                         
Spyware:Cookie/FastClick                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.fastclick.net/]                                                                                                                                         
Spyware:Cookie/Zedo                                                             Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.zedo.com/]                                                                                                                                              
Spyware:Cookie/Bluestreak                                                       Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.bluestreak.com/]                                                                                                                                        
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.realmedia.com/]                                                                                                                                         
Spyware:Cookie/Adrevolver                                                       Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.adrevolver.com/]                                                                                                                                        
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.realmedia.com/]                                                                                                                                         
Spyware:Cookie/Apmebf                                                           Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.apmebf.com/]                                                                                                                                            
Spyware:Cookie/Hitbox                                                           Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.ehg.hitbox.com/]                                                                                                                                        
Spyware:Cookie/Tribalfusion                                                     Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.tribalfusion.com/]                                                                                                                                      
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.247realmedia.com/]                                                                                                                                      
Spyware:Cookie/QuestionMarket                                                   Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.questionmarket.com/]                                                                                                                                    
Spyware:Cookie/BurstBeacon                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[www.burstbeacon.com/]                                                                                                                                    
Spyware:Cookie/Azjmp                                                            Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.azjmp.com/]                                                                                                                                             
Spyware:Cookie/Overture                                                         Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.overture.com/]                                                                                                                                          
Spyware:Cookie/Atwola                                                           Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.atwola.com/]                                                                                                                                            
Spyware:Cookie/Statcounter                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.statcounter.com/]                                                                                                                                       
Spyware:Cookie/Clickbank                                                        Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.clickbank.net/]                                                                                                                                         
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.serving-sys.com/]                                                                                                                                       
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.bs.serving-sys.com/]                                                                                                                                    
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.serving-sys.com/]                                                                                                                                       
Spyware:Cookie/Hitslink                                                         Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[counter.hitslink.com/]                                                                                                                                   
Spyware:Cookie/Overture                                                         Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.perf.overture.com/]                                                                                                                                     
Spyware:Cookie/Com.com                                                          Not disinfected               C:\Documents and Settings\Betty\Application Data\Mozilla\Firefox\Profiles\019qi35d.default\cookies.txt[.com.com/]                                                                                                                                               
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@ad.yieldmanager[1].txt                                                                                                                                                                                            
Spyware:Cookie/PointRoll                                                        Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@ads.pointroll[1].txt                                                                                                                                                                                              
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@advertising[1].txt                                                                                                                                                                                                
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@atdmt[2].txt                                                                                                                                                                                                      
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@bs.serving-sys[1].txt                                                                                                                                                                                             
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@casalemedia[1].txt                                                                                                                                                                                                
Spyware:Cookie/Doubleclick                                                      Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@doubleclick[2].txt                                                                                                                                                                                                
Spyware:Cookie/FastClick                                                        Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@fastclick[2].txt                                                                                                                                                                                                  
Spyware:Cookie/Mediaplex                                                        Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@mediaplex[1].txt                                                                                                                                                                                                  
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@serving-sys[2].txt                                                                                                                                                                                                
Spyware:Cookie/Tribalfusion                                                     Not disinfected               C:\Documents and Settings\Betty\Cookies\betty@tribalfusion[2].txt                                                                                                                                                                                               
Potentially unwanted tool:Application/AVSystemCare                              Not disinfected               C:\Documents and Settings\Betty\Local Settings\Temporary Internet Files\Content.IE5\X6MDUT4F\install_en[1].exe                                                                                                                                                  
Spyware:Cookie/Tribalfusion                                                     Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.tribalfusion.com/]                                                                                                                                     
Spyware:Cookie/YieldManager                                                     Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[ad.yieldmanager.com/]                                                                                                                                   
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.atdmt.com/]                                                                                                                                            
Spyware:Cookie/FastClick                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.fastclick.net/]                                                                                                                                        
Spyware:Cookie/Casalemedia                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.casalemedia.com/]                                                                                                                                      
Spyware:Cookie/BurstNet                                                         Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.burstnet.com/]                                                                                                                                         
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.247realmedia.com/]                                                                                                                                     
Spyware:Cookie/Doubleclick                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.doubleclick.net/]                                                                                                                                      
Spyware:Cookie/Adserver                                                         Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.adserver.easyad.info/]                                                                                                                                 
Spyware:Cookie/Traffic Marketplace                                              Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.trafficmp.com/]                                                                                                                                        
Spyware:Cookie/Zedo                                                             Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.zedo.com/]                                                                                                                                             
Spyware:Cookie/Mediaplex                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.mediaplex.com/]                                                                                                                                        
Spyware:Cookie/adultfriendfinder                                                Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.adultfriendfinder.com/]                                                                                                                                
Spyware:Cookie/BurstBeacon                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[www.burstbeacon.com/]                                                                                                                                   
Spyware:Cookie/RealMedia                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.realmedia.com/]                                                                                                                                        
Spyware:Cookie/Statcounter                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.statcounter.com/]                                                                                                                                      
Spyware:Cookie/WebtrendsLive                                                    Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[statse.webtrendslive.com/]                                                                                                                              
Spyware:Cookie/Advertising                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.advertising.com/]                                                                                                                                      
Spyware:Cookie/Com.com                                                          Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.com.com/]                                                                                                                                              
Spyware:Cookie/Overture                                                         Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.perf.overture.com/]                                                                                                                                    
Spyware:Cookie/Bfast                                                            Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.bfast.com/]                                                                                                                                            
Spyware:Cookie/PointRoll                                                        Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.ads.pointroll.com/]                                                                                                                                    
Spyware:Cookie/Azjmp                                                            Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.azjmp.com/]                                                                                                                                            
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.serving-sys.com/]                                                                                                                                      
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.bs.serving-sys.com/]                                                                                                                                   
Spyware:Cookie/Serving-sys                                                      Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.serving-sys.com/]                                                                                                                                      
Spyware:Cookie/Adrevolver                                                       Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.adrevolver.com/]                                                                                                                                       
Spyware:Cookie/Apmebf                                                           Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.apmebf.com/]                                                                                                                                           
Spyware:Cookie/Hitbox                                                           Not disinfected               C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\v6nppuvt.default\cookies.txt[.ehg.hitbox.com/]                                                                                                                                       
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Justin\Cookies\justin@atdmt[1].txt                                                                                                                                                                                                    
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\Justin\Cookies\justin@atdmt[3].txt                                                                                                                                                                                                    
Possible Virus.                                                                 Not disinfected               C:\Documents and Settings\Justin\Desktop\Hacks115.rar[1.15 Hacks\scmload.rar][scmload.exe]                                                                                                                                                                      
Potentially unwanted tool:Application/Processor                                 Not disinfected               C:\Documents and Settings\Justin\Desktop\Process.exe                                                                                                                                                                                                            
Potentially unwanted tool:Application/Processor                                 Not disinfected               C:\Documents and Settings\Justin\Desktop\SmitfraudFix\Process.exe                                                                                                                                                                                               
Virus:Trj/Rebooter.J                                                            Disinfected                   C:\Documents and Settings\Justin\Desktop\SmitfraudFix\Reboot.exe                                                                                                                                                                                                
Potentially unwanted tool:Application/SuperFast                                 Not disinfected               C:\Documents and Settings\Justin\Desktop\SmitfraudFix\restart.exe                                                                                                                                                                                               
Potentially unwanted tool:Application/Processor                                 Not disinfected               C:\Program Files\Mozilla Firefox\SmitfraudFix\Process.exe                                                                                                                                                                                                       
Virus:Trj/Rebooter.J                                                            Disinfected                   C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe                                                                                                                                                                                                        
Potentially unwanted tool:Application/SuperFast                                 Not disinfected               C:\Program Files\Mozilla Firefox\SmitfraudFix\restart.exe                                                                                                                                                                                                       
Adware:Adware/VideoAddon                                                        Not disinfected               C:\Program Files\Trend Micro\HijackThis\backups\backup-20080219-222521-985.dll                                                                                                                                                                                  
Potentially unwanted tool:Application/Processor                                 Not disinfected               C:\WINDOWS\system32\Process.exe                                                                                                                                                                                                                                 


near the end it says possible virus and not disinfected. what should I do about this?
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby sjpritch25 » February 21st, 2008, 5:53 pm

Please DELETE the following file(s) IF STILL PRESENT. You can use Windows Explorer to navigate or use Windows Search feature to locate them.

Files:
C:\Documents and Settings\Justin\Desktop\Hacks115.rar <-- this file


Please download ATF Cleaner by Atribune.

This program is for XP, Windows 2000, and Vista

  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click
  • No at the prompt.

If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program. For Technical Support, double-click the e-mail address located at the bottom of each menu.



How is everything running?
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby smurcoch » February 22nd, 2008, 12:59 am

Okay I've done everything in this thread lol, no spyware or viruses, cleared all the caches, used ccleaner. I'm thinking a reformat is the best solution at this point
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby sjpritch25 » February 22nd, 2008, 10:05 am

What other problem are you having??? How much memory do you have installed on the computer??
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby smurcoch » February 22nd, 2008, 2:32 pm

512mb, but I've never seen it run this crappy.
i guess 512mb isn't all that much lol, probably the reason.

I wish I could use linux. I love the interface and how smooth it runs on my computer, but my sister has LOADS of games that dont work on linux, and i also have a hard time getting hardware to work (dvdrw.. doesnt burn but reads disks). also I have an ati card which I believe linux has problems with many cards from this manufacturer?
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby sjpritch25 » February 23rd, 2008, 10:00 pm

Yeah, i think its more related to having only 512mb of memory. Running Bitdefender and Webroot will tend to make a machine with only 512 run slow. If you can upgrade it to 1 gb, you shouldn't have anymore problems.
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby smurcoch » February 24th, 2008, 3:07 am

thats what i thought.

im not really going to bother with this computer im just going to build one sometime lol
smurcoch
Active Member
 
Posts: 13
Joined: June 15th, 2005, 10:19 pm
Location: Edmonton, Alberta, Canada

Re: My hijack this log.

Unread postby sjpritch25 » February 24th, 2008, 6:43 am

Since the issues are resolved.

You can delete these tools from your Desktop.
Folder
SmitfraudFix

File
SmitfraudFix.exe


Now that your system is clean you should SET A NEW RESTORE POINT to prevent future reinfection from the old restore point AFTER cleaning your system of any malware infection. Any trojans or spyware you picked up could have been saved in System Restore and are waiting to re-infect you. Since System Restore is a protected directory, your tools can not access it to delete files, trapping viruses inside. Setting a new restore point should be done to prevent any future reinfection from the old restore point and enable your computer to "roll-back" in case there is a future problem.

To SET A NEW RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

Graphics for doing this are in the following links if you need them.
How to Create a Restore Point.
How to use Cleanmgr.

======================================

Here is some useful information on keeping your computer clean:
  1. Most important thing is to make sure Windows is kept up to date with the latest patches and updates from Windows Update.
  2. Here are two great Preventive programs:
    1. SpywareBlaster protects you from malicious ActiveX controls and cookies. Make sure and check for updates twice a month.
    2. IESpyads adds a long list of bad sites to your Restricted sites in Internet Explorer and protects against drive by downloads.
  3. Surf Safe with McAfee's SiteAdisor. SiteAdisor will work with Internet Explorer and Mozilla Firefox. SiteAdisor is a browser plugin that assigns a safety rating to domains listed in your search engine. SiteAdvisor uses the following color codes to indicate the safety level of each site.
    1. Red for Warning
    2. Yellow for Use Caution
    3. Green for Safe
    4. Grey for Unknown

    Here are the link to install SiteAdisor in Internet Explorer and Firefox
  4. Anti-Spyware Programs I Recommend:
    • Free Anti-Spyware Programs
    1. Lavasoft's Ad-Aware SE Personal
    2. Windows Defender
  5. For Even More Information On Securing Your Computer read Tony Klein's So How Did I Get Infected In The First Place
User avatar
sjpritch25
Regular Member
 
Posts: 324
Joined: June 30th, 2007, 6:16 pm
Location: West Coast of Florida

Re: My hijack this log.

Unread postby askey127 » March 5th, 2008, 8:00 pm

color=blue]Glad we could be of assistance.[/color] This topic is now closed. If you wish it to be reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.
Please do not contact us to reopen this topic if you are not the topic starter.
A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

You can help support this site from this link : Donations For Malware Removal
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 23 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware