Possible Keylogger - Please Help :O

Unread postby mur » October 30th, 2007, 10:02 pm

Well, I was browsing web forums as per usual and without even thinking I clicked a link. It didn't look suspicious at first because of the .jpg extension, but I realized after a moment that it was indeed a keylogger file. I closed the new window it brought up, but there was a quick tick of my hourglass before I was able to do so.

My McAfee (sigh) and AVG free detected nothing, but a friend of mine suggested running HijackThis as a last minute alternative. Better safe than sorry. So without further ado, here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 9:44:25 PM, on 10/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Danielle\Desktop\RootkitRevealer\RootkitRevealer.exe
C:\DOCUME~1\Danielle\LOCALS~1\Temp\HHEH.exe
D:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Documents and Settings\Danielle\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: HHEH - Sysinternals - http://www.sysinternals.com - C:\DOCUME~1\Danielle\LOCALS~1\Temp\HHEH.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe






And thank you in advance for your assistance. :)
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

Unread postby Katana » November 2nd, 2007, 4:23 pm

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Did you install Repair Registry Pro ?
It has a dubious reputation. See HERE

AntiVirus
You appear to have McAfee and AVG
First you should know that you're actually doing more harm than good by running more than one Anti Virus program.
When you do this the programs compete for resources, and the end result is none does its best and can cause system instability.
I recommend that you choose one that you want to keep.
The other/s I would either uninstall, or disable from startup and use as "on demand" for an occasional scan.

Old version of HJT
You are running an older version of Hijack This.

Click here to download HJTsetup.exe
Save HJTsetup.exe to your desktop.
It is important that you uninstall any previous versions by using Add/Remove programs in your control panel
before installing a newer version.

  • Double click on the HJTsetup.exe icon on your desktop.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
  • Click Save to save the log file and then the log will open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby mur » November 3rd, 2007, 2:59 pm

Hello Katana, thank you very much for your concern. Before we begin...

katana wrote: Did you install Repair Registry Pro ?
It has a dubious reputation. See HERE

AntiVirus
You appear to have McAfee and AVG
First you should know that you're actually doing more harm than good by running more than one Anti Virus program.
When you do this the programs compete for resources, and the end result is none does its best and can cause system instability.
I recommend that you choose one that you want to keep.
The other/s I would either uninstall, or disable from startup and use as "on demand" for an occasional scan.


I do not have Repair Registry Pro, no.

The school network that I'm currently on requires me to use McAfee, although I prefer AVG because I feel it's a more thorough scanner. Would it be better to only use AVG manually in the future?


Here is my new and improved HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:56:55 PM, on 11/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Network Associates\VirusScan\Mcshield.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8425 bytes
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

Unread postby Katana » November 3rd, 2007, 4:06 pm

mur wrote: I do not have Repair Registry Pro, no.

Errm.. yes you do.
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
If you want to I can help you uninstall it
mur wrote: The school network that I'm currently on requires me to use McAfee, although I prefer AVG because I feel it's a more thorough scanner. Would it be better to only use AVG manually in the future?

Yes, you need to either stop AVG from starting automatically, or shut it down when McAfee is active.

There is nothing showing in your HJT log, so let's have a deeper look.
Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open: main.txt (this one will be maximized) and extra.txt (this one will be minimized).
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt into your reply.

Download AVG Anti-Spyware
Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.


  • Install AVG Anti-Spyware by double clicking the installer.
  • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
  • On the main screen under Your Computer's security.
    • Click on Change state next to Resident shield. It should now change to inactive.
    • Click on Change state next to Automatic updates. It should now change to inactive.
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update successful message.
  • Right-click the AVG Anti-Spyware Tray Icon and uncheck Start with Windows.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.
If you are having problems with the updater, you can use this link to manually update ewido.
AVG Anti-Spyware manual updates.
Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.


Run AVG Anti-Spyware
Close ALL open Windows / Programs / Folders. Please start AVG Anti-Spyware and run a full scan.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act?
      • Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      • All checkboxes should be ticked.
    • Under Possibly unwanted software:
      • All checkboxes should be ticked.
    • Under Reports:
      • Select Do not automatically generate reports
    • Under What to scan?
      • Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished, follow the instructions below.
    IMPORTANT: Don't click on the "Save Scan Report" button before you have hit the "Apply all Actions" button.
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
  • When done, click the Save Scan Report button. (4)
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.

Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • The two reports from DSS
  • AVG AntiSpyware Log
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
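
Added example, not part of the original thread and not code from HijackThis: a small Python triage of a HijackThis log that performs the check made in the post above (a program the user believes is gone still has an O4 Run entry) and marks three kinds of entry for manual review. The function names and flag names are assumptions of this example; the sample lines are excerpted from the logs posted in this thread.

```python
import re
from typing import NamedTuple

# Excerpt assembled from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\lsass.exe
C:\DOCUME~1\Danielle\LOCALS~1\Temp\HHEH.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: HHEH - Sysinternals - http://www.sysinternals.com - C:\DOCUME~1\Danielle\LOCALS~1\Temp\HHEH.exe
"""


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4" or "O23"
    detail: str   # everything after the "O4 - " prefix
    name: str     # Run value name or service name ("" if not parsed)
    target: str   # command line or file path ("" if not parsed)


# Section lines look like "O4 - ..."; process paths ("C:\...") do not match.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def _parse_o4(detail):
    """Split an O4 autostart entry into (name, command)."""
    rest = detail.partition(": ")[2]
    m = re.match(r"\[(.+?)\] (.+)$", rest)      # registry Run value
    if m:
        return m.group(1), m.group(2)
    name, sep, target = rest.partition(" = ")   # Startup-folder shortcut
    return (name, target) if sep else ("", rest)


def _parse_o23(detail):
    """Split an O23 service entry into (service name, image path).

    The vendor field may itself contain " - ", so the path is taken
    from the right and the name from the left.
    """
    body = detail.partition("Service: ")[2]
    head, _, path = body.rpartition(" - ")
    return head.split(" - ", 1)[0], path


def parse_log(text):
    """Return the section entries of a HijackThis log as Entry tuples."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, blank line or running-process path
        section, detail = m.groups()
        if section == "O4":
            name, target = _parse_o4(detail)
        elif section == "O23":
            name, target = _parse_o23(detail)
        else:
            name, target = "", ""
        entries.append(Entry(section, detail, name, target))
    return entries


def find_autostart(entries, product):
    """O4 entries whose name or command mentions `product` (case-insensitive)."""
    needle = product.lower()
    return [e for e in entries if e.section == "O4"
            and (needle in e.name.lower() or needle in e.target.lower())]


def review_flags(entry):
    """Reasons to look at an entry by hand; a flag is a lead, not a verdict."""
    low = entry.detail.lower()
    flags = []
    if "(file missing)" in low or "(no file)" in low:
        flags.append("missing-file")       # registry points at a file that is gone
    if "\\temp\\" in low:
        flags.append("runs-from-temp")     # image path inside a Temp directory
    if entry.section == "O23" and " - unknown owner - " in low:
        flags.append("unknown-owner")      # service binary carries no vendor name
    return flags


def triage(text):
    """Return (entry, flags) pairs for every flagged entry, in log order."""
    pairs = [(e, review_flags(e)) for e in parse_log(text)]
    return [(e, f) for e, f in pairs if f]


if __name__ == "__main__":
    for hit in find_autostart(parse_log(SAMPLE_LOG), "Repair Registry Pro"):
        print("still registered for autostart:", hit.target)
    for entry, flags in triage(SAMPLE_LOG):
        print(",".join(flags), "|", entry.section, "-", entry.detail)
```

A flag only marks an entry for a closer look: the Temp-directory service in the first log names Sysinternals as its vendor, and RootkitRevealer was running when that log was taken.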

Unread postby mur » November 3rd, 2007, 5:25 pm

katana wrote:
mur wrote: I do not have Repair Registry Pro, no.

Errm.. yes you do.
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
If you want to I can help you uninstall it


Oh wow. I deleted that app a long while back, but apparently I hadn't used the Add/Remove programs function. Just now I went to remove it and I was told that a few of its components remained. Thanks for pointing that out.

katana wrote:
mur wrote: The school network that I'm currently on requires me to use McAfee, although I prefer AVG because I feel it's a more thorough scanner. Would it be better to only use AVG manually in the future?

Yes, you need to either stop AVG from starting automatically, or shut it down when McAfee is active.


I don't see the option to disable AVG from starting automatically. I actually wanted to do this when I first downloaded the program since it was causing such a slow startup. Maybe you could point me in the right direction?


And now for the goodies:

DSS MAIN.TXT


Deckard's System Scanner v20071014.68
Run by Danielle on 2007-11-03 17:14:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
72: 2007-11-03 21:15:01 UTC - RP375 - Deckard's System Scanner Restore Point
71: 2007-11-03 19:46:56 UTC - RP374 - System Checkpoint
70: 2007-11-01 23:00:45 UTC - RP373 - System Checkpoint
69: 2007-10-31 18:15:14 UTC - RP372 - System Checkpoint
68: 2007-10-30 17:46:21 UTC - RP371 - System Checkpoint


-- First Restore Point --
1: 2007-08-06 12:26:12 UTC - RP304 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Danielle.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:16:11 PM, on 11/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\ssstars.scr
D:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Documents and Settings\Danielle\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Danielle.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - D:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7044 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 NaiAvTdi1 - c:\windows\system32\drivers\mvstdi5x.sys <Not Verified; Network Associates, Inc.; VirusScan>
R3 EntDrv51 - c:\windows\system32\drivers\entdrv51.sys <Not Verified; Network Associates, Inc; Virus Scan Enterprise, Entercept>
R3 NaiAvFilter1 - c:\windows\system32\drivers\naiavf5x.sys <Not Verified; Network Associates, Inc.; VirusScan (Enterprise, ASaP & Retail.)>

S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 MSICPL - e:\install4\msicpl.sys (file missing)
S3 NTACCESS - e:\ntaccess.sys (file missing)
S3 RT25USBAP (Nintendo Wi-Fi USB Connector Service) - c:\windows\system32\drivers\rt25usbap.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
S3 SetupNTGLM7X - e:\ntglm7x.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 McAfeeFramework (McAfee Framework Service) - d:\program files\network associates\common framework\frameworkservice.exe /servicestart <Not Verified; Network Associates, Inc.; McAfee Common Framework>
R2 McTaskManager (Network Associates Task Manager) - "d:\program files\network associates\virusscan\vstskmgr.exe" <Not Verified; Network Associates, Inc.; VirusScan Enterprise>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_10DE&DEV_005B&SUBSYS_1C05147B&REV_A3\3&2411E6FE&0&11
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_10DE&DEV_005B&SUBSYS_1C05147B&REV_A3\3&2411E6FE&0&11
Service:


-- Scheduled Tasks -------------------------------------------------------------

2007-10-30 21:19:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-03 and 2007-11-03 -----------------------------

2007-11-03 16:39:13 0 d-------- C:\Documents and Settings\Danielle\Application Data\Grisoft
2007-11-03 14:55:47 0 d-------- C:\Program Files\Trend Micro
2007-10-30 11:21:37 0 d-------- C:\Program Files\iTunes
2007-10-25 10:54:58 0 d-------- C:\Documents and Settings\Guest\Application Data\HP
2007-10-25 10:54:30 0 d-------- C:\Documents and Settings\Guest\Application Data\AVG7
2007-10-25 10:54:19 0 d-------- C:\Documents and Settings\Guest\Application Data\Identities
2007-10-25 10:54:11 0 d--h----- C:\Documents and Settings\Guest\Templates
2007-10-25 10:54:11 0 dr------- C:\Documents and Settings\Guest\Start Menu
2007-10-25 10:54:11 0 dr-h----- C:\Documents and Settings\Guest\SendTo
2007-10-25 10:54:11 0 dr-h----- C:\Documents and Settings\Guest\Recent
2007-10-25 10:54:11 0 d--h----- C:\Documents and Settings\Guest\PrintHood
2007-10-25 10:54:11 786432 --ah----- C:\Documents and Settings\Guest\NTUSER.DAT
2007-10-25 10:54:11 0 d--h----- C:\Documents and Settings\Guest\NetHood
2007-10-25 10:54:11 0 dr------- C:\Documents and Settings\Guest\My Documents
2007-10-25 10:54:11 0 d--h----- C:\Documents and Settings\Guest\Local Settings
2007-10-25 10:54:11 0 dr------- C:\Documents and Settings\Guest\Favorites
2007-10-25 10:54:11 0 d-------- C:\Documents and Settings\Guest\Desktop
2007-10-25 10:54:11 0 d---s---- C:\Documents and Settings\Guest\Cookies
2007-10-25 10:54:11 0 dr-h----- C:\Documents and Settings\Guest\Application Data
2007-10-25 10:54:11 0 d---s---- C:\Documents and Settings\Guest\Application Data\Microsoft
2007-10-10 17:19:10 0 d-------- C:\Documents and Settings\Danielle\Application Data\CyberLink


-- Find3M Report ---------------------------------------------------------------

2007-11-03 15:10:29 0 d-------- C:\Program Files\Yahoo!
2007-11-03 15:09:53 0 dr-h----- C:\Documents and Settings\Danielle\Application Data\yahoo!
2007-11-03 14:54:05 0 d--h----- C:\Program Files\Zero G Registry
2007-11-03 14:44:58 0 d-------- C:\Documents and Settings\Danielle\Application Data\AVG7
2007-10-30 11:21:41 0 d-------- C:\Program Files\iPod
2007-10-30 11:19:26 0 d-------- C:\Program Files\Apple Software Update
2007-10-29 22:56:44 0 d-------- C:\Program Files\World of Warcraft
2007-10-15 15:04:33 0 d-------- C:\Documents and Settings\Danielle\Application Data\AdobeUM
2007-09-20 11:43:20 0 d-------- C:\Program Files\DivX
2007-09-14 14:31:41 0 d-------- C:\Documents and Settings\Danielle\Application Data\HP
2007-09-13 21:52:08 0 d-------- C:\Program Files\Ventrilo
2007-08-28 11:25:18 130362 --a------ C:\WINDOWS\hpoins13.dat
2007-08-11 14:51:35 54829 --a------ C:\WINDOWS\War3Unin.dat
2007-08-11 14:51:27 2829 --a------ C:\WINDOWS\War3Unin.pif
2007-08-11 14:51:27 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AE84A6AA-A333-4B92-B276-C11E2212E4FE}]
12/15/2006 06:34 PM 599472 --a------ C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [05/17/2005 06:48 AM C:\WINDOWS\SOUNDMAN.EXE]
"ShStatEXE"="D:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [09/22/2004 08:00 PM]
"McAfeeUpdaterUI"="D:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [08/06/2004 03:50 AM]
"Network Associates Error Reporting Service"="C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe" [10/07/2003 09:48 AM]
"Repair Registry Pro"="C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe" []
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe" [03/11/2003 06:08 AM]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [05/08/2007 04:24 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [10/24/2007 11:04 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [09/26/2007 02:42 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 9:40:10 PM]
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 4:15:54 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"d:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
*Newly Created Service* - ENTDRV51



-- End of Deckard's System Scanner: finished at 2007-11-03 17:16:47 ------------

DSS EXTRA.TXT

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3000+
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1023.48 MiB / 563.52 MiB
Pagefile Memory (total/avail): 1948.82 MiB / 1574.14 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939.18 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 39.51 GiB total, 16.16 GiB free.
D: is Fixed (NTFS) - 72.27 GiB total, 62.91 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1200JS-00MHB0 - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 39.51 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 72.27 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
AUState says computer is ready and waiting.
Windows Internal Firewall is enabled.

AV: AVG 7.5.503 v7.5.503 (Grisoft)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\World of Warcraft\\WoW-1.8.3.4807-to-1.8.4.4878-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.8.3.4807-to-1.8.4.4878-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-1.8.4.4878-to-1.9.0.4937-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.8.4.4878-to-1.9.0.4937-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Documents and Settings\\Danielle\\Desktop\\WoW-2.1.3.6898-to-0.2.0.6932-enUS-downloader.exe"="C:\\Documents and Settings\\Danielle\\Desktop\\WoW-2.1.3.6898-to-0.2.0.6932-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\Program Files\\Mozilla Firefox\\firefox.exe"="D:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Danielle\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Danielle
LOGONSERVER=\\MER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Danielle\LOCALS~1\Temp
TMP=C:\DOCUME~1\Danielle\LOCALS~1\Temp
USERDOMAIN=MER
USERNAME=Danielle
USERPROFILE=C:\Documents and Settings\Danielle
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Danielle (admin)
Guest (new local, guest)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support --> MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
hp deskjet 3600 --> MsiExec.exe /X{7CA32143-2DAC-4F5F-9BAA-2AB3707EF192}
HP Imaging Device Functions 8.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 8.0 --> C:\Program Files\HP\Digital Imaging\{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}\setup\hpzscr01.exe -datfile hposcr13.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
HP Smart Web Printing 1.0 --> MsiExec.exe /X{E3030F57-9E6B-4E36-95B6-F7B4DBDEB8FB}
HP Solution Center 8.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{25F6C900-C138-4888-A56C-91D3D063023A}
HPSSupply --> MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
IGN Download Manager 2.2.2 --> C:\Program Files\IGN\Download Manager\uninst.exe
iPod for Windows 2006-06-28 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BD57EA4D-026E-4F08-9B93-080E282B81FE} /l1033
iPod Update 2004-04-28 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E6696A8C-C55A-405C-AFEB-F3880A8BAA45} /l1033
iTunes --> MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
McAfee VirusScan Enterprise --> MsiExec.exe /I{5DF3D1BB-894E-4DCD-8275-159AC9829B43}
Microsoft Office 2000 SR-1 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft XML Parser and SDK --> MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
Mozilla Firefox (2.0.0.9) --> D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
Nero OEM --> d:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers --> C:\WINDOWS\System32\NVUNINST.EXE UninstallGUI
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 REMOVE -removeonly
SmartFTP Client 2.0 --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
SmartFTP Client 2.0 Setup Files (remove only) --> "C:\Program Files\SmartFTP Client 2.0 Setup Files\uninst-sftp.exe"
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak Overlay BETA 2 (#63) --> "C:\Program Files\TSO\uninstall.exe"
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! SiteBuilder --> "C:\Program Files\Yahoo SiteBuilder\uninstall.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type7692 / Warning
Event Submitted/Written: 11/03/2007 05:16:29 PM
Event ID/Source: 257 / Alert Manager Event Interface
Event Description:
VirusScan Enterprise: Would be blocked by behaviour blocking rule (rule is currently in warn mode) (warn only mode!).(from MER IP 155.47.156.128 user SYSTEM running VirusScan Enter 8.0 OAS)

Event Record #/Type7691 / Warning
Event Submitted/Written: 11/03/2007 05:16:29 PM
Event ID/Source: 257 / Alert Manager Event Interface
Event Description:
VirusScan Enterprise: Would be blocked by behaviour blocking rule (rule is currently in warn mode) (warn only mode!).(from MER IP 155.47.156.128 user SYSTEM running VirusScan Enter 8.0 OAS)

Event Record #/Type7687 / Error
Event Submitted/Written: 11/03/2007 04:50:22 PM
Event ID/Source: 1008 / McLogEvent
Event Description:
The McShield service terminated unexpectedly.

Please review event 5019 or 5051 for details.
The McShield service will be restarted in 5 seconds;

Event Record #/Type7686 / Warning
Event Submitted/Written: 11/03/2007 03:09:57 PM
Event ID/Source: 257 / Alert Manager Event Interface
Event Description:
VirusScan Enterprise: Would be blocked by behaviour blocking rule (rule is currently in warn mode) (warn only mode!).(from MER IP 155.47.156.128 user SYSTEM running VirusScan Enter 8.0 OAS)

Event Record #/Type7685 / Warning
Event Submitted/Written: 11/03/2007 03:09:57 PM
Event ID/Source: 257 / Alert Manager Event Interface
Event Description:
VirusScan Enterprise: Would be blocked by behaviour blocking rule (rule is currently in warn mode) (warn only mode!).(from MER IP 155.47.156.128 user SYSTEM running VirusScan Enter 8.0 OAS)



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type25918 / Error
Event Submitted/Written: 11/03/2007 04:50:35 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).

Event Record #/Type25881 / Error
Event Submitted/Written: 11/03/2007 02:47:18 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).

Event Record #/Type25850 / Error
Event Submitted/Written: 11/01/2007 06:20:55 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register with DCOM within the required timeout.

Event Record #/Type25846 / Error
Event Submitted/Written: 11/01/2007 06:18:55 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).

Event Record #/Type25818 / Warning
Event Submitted/Written: 10/31/2007 11:05:05 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.



-- End of Deckard's System Scanner: finished at 2007-11-03 17:16:47 ------------

AVG Anti-Spyware Log


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:13:58 PM 11/3/2007

+ Scan result:



:mozilla.368:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.369:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.370:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.371:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.372:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.373:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.374:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.375:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.376:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.377:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.378:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.379:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.380:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.381:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.382:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.383:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.384:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.385:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.386:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.387:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.388:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.389:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.390:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.391:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.392:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.393:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.394:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.395:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.396:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.397:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.398:C:\Documents and Settings\Danielle\Application Data\Mozilla\Firefox\Profiles\tsp3qgf6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

by mur » November 3rd, 2007, 5:30 pm

(cont'd)



::Report end
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

by Katana » November 3rd, 2007, 6:04 pm

Your logs look clean, so I doubt you have a keylogger :D

The best way of stopping programs from running at startup is to use a startup manager.
Winpatrol is an excellent program; it gives you complete control of when or if a program starts.
It also warns you if a program is added to startup, so if a nastie does manage to slip past your AV you can stop it from running at boot.
If you decide to install it, I can give you some tips on which programs you do not need starting.
Oh, and did I mention its best feature? It is FREE :)

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u3: http://java.sun.com/javase/downloads/index.jsp
  • Scroll down to where it says "The Java Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running, especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java:
      J2SE Runtime Environment 5.0 Update 10
      J2SE Runtime Environment 5.0 Update 6
      J2SE Runtime Environment 5.0 Update 9
      Java(TM) SE Runtime Environment 6 Update 1
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.

Update Adobe Acrobat Reader

There is a newer version of Adobe Acrobat Reader available.
  • Please go to this link: Adobe Acrobat Reader Download Link
  • On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts


When the installation is complete, go to Add/Remove Programs and uninstall all previous versions:

Adobe Reader 6.0.1
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
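
The check described in the post above, noticing when a program is added to startup, can also be done by hand by comparing the O4 (autostart) lines of two HijackThis logs. This is an added example, not part of the thread and not WinPatrol's or HijackThis's own code; both sample logs are constructed.

```python
import re

# Both O4 forms HijackThis writes:
#   O4 - HKLM\..\Run: [ValueName] command line   (registry autostart)
#   O4 - Global Startup: Shortcut.lnk = target   (Startup folder)
O4_LINE = re.compile(
    r"^O4 - (?P<loc>[^:]+): "
    r"(?:\[(?P<name>[^\]]*)\] (?P<cmd>.+)|(?P<lnk>.+?) = (?P<target>.+))$")

def parse_o4(log_text):
    """Return {(location, entry name): command} for every O4 line in a log."""
    entries = {}
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if not m:
            continue  # other sections and the process list are ignored
        name = m["name"] if m["name"] is not None else m["lnk"]
        cmd = m["cmd"] if m["cmd"] is not None else m["target"]
        # Windows registry value names and paths are case-insensitive
        entries[(m["loc"].lower(), name.lower())] = cmd.strip()
    return entries

def startup_changes(baseline_log, current_log):
    """List autostart entries that are new or whose command changed."""
    old, new = parse_o4(baseline_log), parse_o4(current_log)
    changes = []
    for key, cmd in sorted(new.items()):
        if key not in old:
            changes.append(("ADDED", key[0], key[1], cmd))
        elif old[key].lower() != cmd.lower():
            changes.append(("CHANGED", key[0], key[1], cmd))
    return changes

# Constructed sample logs (not the log posted in this thread).
BASELINE = r"""
C:\WINDOWS\Explorer.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Global Startup: Example Tool.lnk = C:\Program Files\Example\tool.exe
"""
CURRENT = r"""
O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\Temp\soundman.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [example-added] C:\DOCUME~1\user\LOCALS~1\Temp\example-added.exe
O4 - Global Startup: Example Tool.lnk = C:\Program Files\Example\tool.exe
"""

if __name__ == "__main__":
    for status, loc, name, cmd in startup_changes(BASELINE, CURRENT):
        print(f"{status:8} {loc}: [{name}] {cmd}")
```

A CHANGED entry matters as much as an ADDED one: a familiar value name pointing at a new path is a common way for an unwanted program to hide among legitimate autostart entries.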

Post by mur » November 3rd, 2007, 6:31 pm

katana wrote: Your logs look clean, so I doubt you have a keylogger :D

The best way of stopping programs from running at startup is to use a startup manager.
LINK >>> Winpatrol <<< LINK
It is an excellent program; it gives you complete control of when or if a program starts.
It also warns you if a program is added to startup, so if a nastie does manage to slip past your AV you can stop it from running at boot.
If you decide to install it, I can give you some tips on which programs you do not need starting.
Oh, and did I mention its best feature? ... It is FREE :)


Thank you very much for all the help! I have updated my Java and Adobe accordingly.

And I've installed WinPatrol - what would you suggest disabling on startup? I've disabled only AVG so far.
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

Post by Katana » November 3rd, 2007, 6:49 pm

If you look at the Command column (WinPatrol > Startup Programs tab), you can disable any of these entries:
SOUNDMAN.EXE
TBMon.exe
HPWuSchd2.exe
QTTask.exe
iTunesHelper.exe
OSA9.EXE


If you use Messenger, then I would put it in the delayed start section.
Right click the name and select "move to delayed start"
msmsgs.exe

Congratulations, your log looks clean :D

Let’s see if I can help you keep it that way

You can delete DSS.exe and any logs we have produced.
I would keep AVG AntiSpyware, it is a good program and can be used as an "on demand" scanner when the trial runs out.

Firewall
You do not appear to have a firewall.
You may be using Windows Firewall; however, this only stops incoming traffic.
A third-party firewall is much safer, as it stops malware that does get on your PC from contacting "home".
Simply using a Firewall in its default configuration can lower your risk greatly. For more info, check this webpage out.
There are many free ones to choose from if cost is a problem. Visit here to choose one.

Also PLEASE read this article

So How Did I Get Infected In The First Place

If you can see a program in the must have section that you have never seen or used then get it!

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware, even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Post by mur » November 3rd, 2007, 7:11 pm

Thank you once again for all of your help. I've downloaded the suggested applications in the article, and I have disabled the startup programs you mentioned.

I even booted up just to see if I'd notice a difference, and it's great. Much faster. I appreciate your assistance. :)
mur
Active Member
 
Posts: 6
Joined: October 30th, 2007, 9:56 pm

Post by Katana » November 3rd, 2007, 9:02 pm

Glad to be of service :)
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Post by Gary R » November 8th, 2007, 7:25 am

This topic is now closed.

If you are the originator of this topic, and you need it re-opened please send an email to 'admin at malwareremoval.com', including a link to this topic.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Gary R
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire