Hi, whitenoiz reporting back with the results of the first set of instructions.
Firstly however I need to tell you that because our Norton Antivitrus was out of date and we could not afford the updates, we have elected to delete this from the system and retain AVG as our principle Virus protection system.
When we tried to delete Norton a part of it could not be deleted. (the updates part we think).
Secondly, when clearing the junk from the temp files we found five files which cannot be removed using the delete button. these are still present and are identified as;
Perflib_Perf...
~DF6D8F.temp
+DF6D88.temp
~DF55C2.temp
~DF552B.temp
The computer is set to work for Four administrators and one guest.
The files listed above are located in one admin ('whitenoiz')
Also in the admin junk under admin ('John Veale') under Windows temp files we have a file which will not delete; this is identified as
T30Debugfile
Also on the same admin, in the Docs and Settings we have a file titled
Perflib_Perfdata ff8
Again we cannot delete this file.
After all that here are our logs...
AVG Spyware Log;
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 04:12:57 19/12/2007
+ Scan result:
C:\System Volume Information\_restore{B1AF6306-70F0-4416-91D0-2A49F3B95B86}\RP958\A0196548.exe -> Adware.RegistryRescue : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B1AF6306-70F0-4416-91D0-2A49F3B95B86}\RP972\A0264606.dll -> Dropper.Mudrop.m : Cleaned with backup (quarantined).
:mozilla.589:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.117:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.305:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.36:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.37:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.38:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.766:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.862:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.671:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.71i : Cleaned.
:mozilla.215:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.216:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.217:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.218:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.549:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.401:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.464:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.441:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.77:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.78:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.680:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.714:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.584:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.772:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.54:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\whitenoiz\Cookies\whitenoiz@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.769:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Etracker : Cleaned.
:mozilla.503:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.411:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.459:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.400:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.610:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.200:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.201:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.404:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Intelli-direct : Cleaned.
:mozilla.506:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.208:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.210:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.593:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.704:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.293:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.381:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.172:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.133:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.648:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.716:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.412:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.126:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.127:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.128:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.129:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.130:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.367:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.552:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.238:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.239:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.353:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.795:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.155:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.156:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.157:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.158:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.159:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.160:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.161:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.162:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.62:C:\Documents and Settings\sylvie veale\Application Data\Mozilla\Firefox\Profiles\ntxqidsv.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.707:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.85:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.86:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.87:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.88:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.89:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.90:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.91:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.62:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.63:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.40:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.41:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.42:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.43:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.116:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.306:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.539:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.82:C:\Documents and Settings\Olivia\Application Data\Mozilla\Firefox\Profiles\6crfy655.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.332:C:\Documents and Settings\whitenoiz\Application Data\Mozilla\Firefox\Profiles\msrxgbt9.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\whitenoiz\Cookies\whitenoiz@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
Uninstall List:
AceHTML 5 Freeware
AceHTML 5 Pro
Ad-Aware 2007
Adobe Flash Player Plugin
Adobe Reader 8.1.1
Adobe Shockwave Player
Adsense Status
Advanced Diary v1.3
AirNav ACARS Decoder 2
AirNav Suite
AllMyFavorites
ArcSoft Camera Suite
ArcSoft PhotoStudio 5.5
ArcSoft VideoImpression 2
AVG Anti-Spyware 7.5
AVG Free Edition
Blog Post Builder 0.41
Blurty (remove only)
Canon CanoScan Toolbox 4.5
CoffeeCup Direct FTP 5.2 Shareware
CoffeeCup HTML Editor
CoffeeCup HTML Editor 2006
CSAPI (MS Office) spelling plugin for My Notes Center
Cypress USB Mass Storage Driver Installation
Diary Book
Disc API
DivX Codec
Easy Thumbnails (Remove only)
EPSON Attach To Email
EPSON Easy Photo Print
EPSON Print CD
EPSON Printer Software
EPSON Scan Assistant
EPSON Web-To-Page
ESPR220 User's Guide
ewido anti-malware
FileZilla Client 3.0.1
Flash Catcher
Flickr Uploadr 2.1
FLV Player 1.3.3
GMail Drive Shell Extension
Good Keywords v2.01.100107
Google Desktop
Google Desktop Plugin - Del.icio.us
Google Earth
Google Notebook Extension for IE
Google Pack Screensaver
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Updater
Google Video Player
Harry's Filters 3
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915865)
ICQ6
iDailyDiary 3.20
IEimage
Internet Explorer 7 Beta 2
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8
Java(TM) 6 Update 3
KONICA_MINOLTA DiMAGE remote camera driver
LiveReg (Symantec Corporation)
LJ.NET
Macromedia Dreamweaver 8
Macromedia Extension Manager
Malwarebytes' RogueRemover
Manual CanoScan 3200,3200F
Memotoo.com plugin for I.E. v1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Data Access Components KB870669
Microsoft Interactive Training
Microsoft Office Outlook Connector
Microsoft Office Spell Checker
Microsoft Office XP Media Content
Microsoft Office XP Standard for Students and Teachers
Microsoft Picture It! Express 9
Microsoft Picture It! Library 9
Microsoft Reader
Microsoft Windows Journal Viewer
MoreKeys 1.2
Mouse Driver Mouse Driver 3.5
Mozilla ActiveX Control v1.7.12
Mozilla Firefox (2.0.0.11)
MSN
MSN Encarta Plus Support Files
NetDrive
Netscape Communicator 4.79
Nic's XviD Decoder
Norton WMI Update
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
Office Keyboard
OmniPage SE 2.0
Opera 9.0
Photobucket Uploader
PIF DESIGNER
Pinnacle InstantCD/DVD Suite
Plugin Commander Light
PowerDVD
PSP Thumbnail Handler
QuickTime
Quivic
Qumana
RealPlayer
Realtek AC'97 Audio
Registry Mechanic
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB944653)
Spanish Whiz 6.6
Spanish Whiz Full Version
Spybot - Search & Destroy 1.3
StartSpanish 3.5
StartSpanish 3.6
Tweak UI
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
USB Storage Adapter FX (SM1)
Viewpoint Manager (Remove Only)
Virtual Magnifying Glass 2.00
w.bloggar 4.00
Webaroo
Website Builder 7.0.1
WinAce Archiver
WinBackup
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Connect
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows WMF Metafile Vulnerability HotFix 1.4
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinHTTrack Website Copier 3.40-2
WinZip 11.1
WordWax (remove only)
Xenofex 1.0
Yahoo! Anti-Spy
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool 1v6
Yahoo! Photos Print-at-Home Tool
Yahoo! Toolbar
New Hijack this Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:29:48, on 19/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetDrive\wdService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Mouse Driver\Mouse Driver\3.5\MOUSE32A.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://google.icq.com/search/search_frame.phpR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://start.icq.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://uk.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://uk.rd.yahoo.com/customize/ie/def ... .yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
https://msnia.login.live.com/ppsecure/s ... rf?lc=2057O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IW_ControlCenter] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Mouse Driver\Mouse Driver\3.5\MOUSE32A.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher -
res://C:\Program Files\Common Files\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll
O9 - Extra button: My bookmarks Memotoo.com - {5DB85338-3621-4a55-BAF1-B657765CCCAA} - Shdocvw.dll (file missing)
O9 - Extra 'Tools' menuitem: My bookmarks Memotoo.com - {5DB85338-3621-4a55-BAF1-B657765CCCAA} - Shdocvw.dll (file missing)
O9 - Extra button: AllMyFavorites - {634D3B6D-B1FE-4538-8A09-FCE198C547E4} - C:\Program Files\AllMyFavorites\MyFavIE.dll
O9 - Extra 'Tools' menuitem: AllMyFavorites - {634D3B6D-B1FE-4538-8A09-FCE198C547E4} - C:\Program Files\AllMyFavorites\MyFavIE.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.com/download.yahoo.c ... pi_416.dllO16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1\INTERN~2\autocomp.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdService.exe
--
End of file - 10927 bytes
Should we now restart the AVG Antispyware?
If so should the settings be restored to the defaults?
Ok hope all of this helps and doesnt throw too many headaches in your direction>
We appreciate your help.
whitenoiz