Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

help me, ie pop up.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

help me, ie pop up.

Unread postby ihatemycomputer » June 21st, 2006, 11:36 pm

hi, please help me, i keep getting ie pop up which direact to some chinese site. it very annoying :evil: .

here my hjt log.

Logfile of HijackThis v1.99.1
Scan saved at 11:34:07 PM, on 6/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\hkcmd.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Super Rabbit\MagicSet\winspeed.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\DAP\DAP.EXE
C:\Documents and Settings\ga\Desktop\crap\hijackthis\HijackThis.exe

O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - HKLM\..\RunOnce: [Super Rabbit Winspeed] "C:\Program Files\Super Rabbit\MagicSet\winspeed.exe" /autokill:5
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

-thank you.
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm
Advertisement
Register to Remove

Unread postby Bob4 » June 22nd, 2006, 7:31 am

Welcome to the Malware removal forums. I will be more than happy to help you work on your problems.

In the meantime
The fixes we will use are specific to your problems and should only be used for this issue on this machine.

Please only use this topic to reply to. Do not start another thread.
If any other issues arise let me know.
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear. So lets do this to the end!
Please if you decide to seek help at another forum let us know. There is a shortage of helpers and tying 2 of us up is a waste of time.
If you have any questions about any advice given here please STOP and ask!

_________________________________
We need to disable windows defender.
A good program but may interfere with our fixes.
Open Windows Defender
Click Tools
Click General Settings
Scroll down to Real Time Protection Options
Uncheck Turn on Real Time Protection (recommended)
After you uncheck this, click on the Save button
Close Windows Defender
______________________________
HJT
Run hijackthis and choose scan only and place a check by the following lines if present.
Close all other windows and browsers except HJT before clicking on Fix Checked


O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)



___________________________________
Reconfigure Windows XP to show hidden files::

Click Start. My Computer.
Select the Tools menu Folder Options. Select the View Tab.
Under the Hidden files and folders heading select "Show hidden files and folders".
Uncheck the "Hide protected operating system files (recommended)" option.
Uncheck the "Hide file extensions for known file types" option.
Click Yes to confirm. Click OK.



___________________________________
Search for and remove
Now I want you to search for and delete the following folder and all it's contents if present. If you need help finding them.
Click start /search/ all files and folders/ look for More advanced options. once in there select the first 3 boxes.
Please just remove the files/folders I listed in BOLD

C:\WINDOWS\system32\conime.exe



_________________________________
Please do an online scan with Kaspersky Online Scanner
Click on Kaspersky Online Scanner
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings
In the scan settings make sure that the following are selected:
Scan using the following Anti-Virus database:

Extended (If available otherwise Standard)
Scan Options:
Scan Archives
Scan Mail Bases
Click OK

Now under select a target to scan select My Computer

The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.

Now click on the Save as Text button:

Save the file to your desktop.

Copy and paste that information in your next post along with a new HJT log..
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby ihatemycomputer » June 22nd, 2006, 9:03 am

hi, for some reason the Kaspersky Online Scanner dont do anything when i click agree, and my internet exploreer is messed up it wont load anything.

thank you.
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby Bob4 » June 22nd, 2006, 10:47 am

Are you recieving any errors from internet explorer?

Go to this link
and try fixing Internet explorer the way they desribe.

Then open internet explorer select tools/internet options/security/custom
Make sure active X objects are enabled.

Then try again.

Let me know if you are recieving any errors from Internet explorer.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby ihatemycomputer » June 22nd, 2006, 12:20 pm

ok i still have problem with ie. i tried to use the iefix but it say dont work for ie 7, than i uninstalled ie 7 and install ie 6 but when i ran iefix it have

all this is cannot copy:

html32.cnv,msconv97.dll, DHTMLED.OCX, TRIEDIT, mswrd632.wpc,

and my ie still the same saying cannot view the page >.<.

-thank you.
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby Bob4 » June 22nd, 2006, 4:04 pm

Ok lets try another route.

Now lets try and get a browser that works.

Download firefox
When installing do not import settings from internet explorer. And for now let it be your default browser. It will be slightly different than IE but safer also.


Using firefox

______________________________
Download and install CCleaner from here.
NOTE: Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option .

If you use either the Firefox or Mozilla browsers, the box to uncheck for Cookies is on the Applications tab, under Firefox/Mozilla.


Now open the program and click on Run Cleaner
( Do not use the Issues block to clean anything with this program. It is for experts only and it is risky).

You may opt out of cleaning cookies. If you clean them alls you will have to do is retype names and passwords for places you visit on the net 1 time.
I clean all my cookies out from time to time and I suggest you do the same. It's not that big a deal if you remember passwords.
If you use either the Firefox or Mozilla browsers, the box to uncheck for Cookies is on the Applications tab, under Firefox/Mozilla


_________________________________
Lets make sure Java is up to date.

Click here to update
You will have to accept terms then download JRE 5.0 Update 7


. Allow it acsess to the net if any of your software asks about it.

When your finished go to start/control panel/add remove programs and uninstall any older version that may be listed.
The newest version is J2SE runtime envirment 5.0 update 7. Leave that one and uninstall any other update version..

________________________
Trends house calls
Do an online scan at:Trend Housecalls Virus Scan You will have to click a couple of "SCAN now it's free links ,then accept terms and scan.
Let it clean, disinfect, quarantine any items found.


Go to :www.trendmicro.com and click free Free tools on the top. .
Click Scan Now It's Free. Choose your location, then Start Free Scan Now. Select Complete Scan. It'll take a few minutes to download, especially with a dialup connection, so be patient.
Check to Clean all drives and Scan.
When it completes, copy the full name of any virus, trojan, or spyware that cannot be cleaned or deleted and post them along with your next log.

And post a new HJT log.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby ihatemycomputer » June 22nd, 2006, 5:41 pm

i used firefox but when i click agree nothing happen and i updated my java. and now i am scanning with tend mircro waiting for result :/.
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby ihatemycomputer » June 22nd, 2006, 7:09 pm

ok i do the housecall virus scan and i detlete everything that it found. and the http://www.trendmicro.com ones is the same as the housecall.

and here my new hjt log.

Logfile of HijackThis v1.99.1
Scan saved at 7:07:54 PM, on 6/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\hkcmd.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\conquer 2.0 test\Conquer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\ga\Desktop\hijackthis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby Bob4 » June 22nd, 2006, 9:13 pm

You are running 2 anti virus programs. It's oK to have two as long as 1 of them isn't running real time protection. Running 2 with real time protection can cause problems .
Also can be worse than having none.
You need to disable 1 of them from real time protection at least.

I can tell you how to stop real time with avast protection as thats what I use.
You right click on the "a" icon in the task bar. and choose stop-on accsess detection.

_________________________________
We need to disable windows defender.
A good program but may interfere with our fixes.

Open Windows Defender
Click Tools
Click General Settings
Scroll down to Real Time Protection Options
Uncheck Turn on Real Time Protection (recommended)
After you uncheck this, click on the Save button
Close Windows Defender




______________________________
HJT
Run hijackthis and choose scan only and place a check by the following lines if present.
Close all other windows and browsers except HJT before clicking on Fix Checked

There are 2 lines in your last log. Please get them both.



O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start






___________________________________
Search for and remove
Now I want you to search for and delete the following folder and all it's contents if present. If you need help finding them.
Click start /search/ all files and folders/ look for More advanced options. once in there select the first 3 boxes.
Please just remove the files/folders I listed in BOLD

C:\DOCUMEMENTS AND SETTINGS\ADMINISTRATOR\Local Settings\Temp\RarSFX1


Ewido

Download Ewido
Install ewido
During the installation, uncheck the following under Additional Options:
Install background guard
Install scan via context menu

You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update
Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed,
exit ewido.
Do Not Use It Yet.

________________________________________
Safe mode:
Please reboot to safe mode:
After the very first black screen start tapping the
F8 key untill prompted with a list choose safe
mode.
Heres how



_________________________________________
Ewido Part 2
Ewido
Close all open windows/programs/folders. Have nothing else open while ewido performs its scan!
Click on scanner
Click on Settings
Under "How to scan" all boxes should be selected
Under "Possibly unwanted software" all boxes should be selected
Under "What to scan" select scan every file
Click OK
Click on Complete system scan
Let the program scan the machine

If ewido finds anything, it will pop up a notification. NOTE: Occasionally, ewido may produce a false positive, so we need to step through the fixes one-by-one. If ewido finds something that you KNOW is legitimate, for example... somthing related to your antivirus software, your ISP, or a recognized program - in particular keep watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives, select "none" as the action. DO NOT check "Perform action with all infections." If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and will let you know if ewido needs to be run again.When scan is completed, click Save report to your desktop.
Post the report in your next reply.
Exit ewido.

post the contents of the ewido log.





Tell me a few things.
Has the pop up gone directing you to a chinese site ?

ihatemycomputer wrote:i used firefox but when i click agree nothing happen and i updated my java. and now i am scanning with tend mircro waiting for result :/.


You couldn't install firefox Or you did install it ?

Were you able to download and run CCleaner ?

Post he contents of Ewido and a new HJT log.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby ihatemycomputer » June 22nd, 2006, 11:29 pm

ok, i had disable avast antivir onacces protection. disabled window defender real time protection. when i check that two list in hjt and click fix. i keep trying like 3 times but it keep reappear on the list. i cant get rid of it some how. i tried to delete the RarSFX1 file it say cannot delete hnetpolcy.dll and i used killbox still dont work :/. When i install the Ewido it doesnt have the advanced option to uncheck or check. Yes i had run the ccleaner and i did install firefox but when i use firefox to do the Kaspersky Online Scanner but when i click agree nothing happened :(.

-thank you
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby Bob4 » June 23rd, 2006, 7:27 am

did install firefox but when i use firefox to do the Kaspersky Online Scanner but when i click agree nothing happened

Kasperskys will not work with Firefox as it does not support active X. This is why we did trend Micro scan. It is a Java based program.

When i install the Ewido it doesnt have the advanced option to uncheck or check.

Sorry about the Ewido directions. There new version does not have that option during the install process any longer.

Did you run Ewido? If not please run it.
I need to see the log.



Lets try deleting that file this way.
Delete the killbox you have and be sure to download the latest version.

____________________________
Please download the Killbox by Option^Explicit

Note: In the event you already have Killbox, this is a new version that I need you to download.
Save it to your desktop.



___________________________________
Safe mode:
Please reboot to safe mode:
After the very first black screen start tapping the
F8 key untill prompted with a list.... choose safe
mode.



Please double-click Killbox.exe to run it.
Select:
Delete on Reboot
then Click on the All Files button.
Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\DOCUMEMENTS AND SETTINGS\ADMINISTRATOR\Local Settings\Temp\RarSFX1


Return to Killbox, go to the File menu, and choose Paste from Clipboard.

Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).


If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

Please post a new HJT log and the results from ewido.
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby ihatemycomputer » June 23rd, 2006, 10:57 am

Ewido result
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:39:54 AM 6/23/2006

+ Scan result:



C:\!KillBox\Temp\xp2C.tmp.exe -> Adware.AdMedia : No action taken.
C:\!KillBox\Temp\xp59.tmp.exe -> Adware.AdMedia : No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temp\xp2C.tmp.exe -> Adware.AdMedia : No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temp\xp59.tmp.exe -> Adware.AdMedia : No action taken.
C:\Program Files\Softwin\BitDefender9\Quarantine\msdc32.dll -> Downloader.Agent.afm : No action taken.
C:\Documents and Settings\ga\Local Settings\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\Cache.Trash\Trash\Cache\11A3E18Dd01 -> Dropper.JS : No action taken.
C:\Program Files\Softwin\BitDefender9\Quarantine\mstd.dll -> Hijacker.Agent.go : No action taken.
C:\!KillBox\Temp\RarSFX0\ext\dtdl.dll -> Not-A-Virus.Downloader.Win32.Agent.g : No action taken.
:mozilla.157:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.158:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.159:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.160:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.161:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.162:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.163:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.176:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.196:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.197:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.76:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.40:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.41:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.42:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.92:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Addynamix : No action taken.
C:\!KillBox\Temp\Cookies\administrator@ads.addynamix[2].txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.167:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.168:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.120:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Adserver : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\administrator@z1.adserver[1].txt -> TrackingCookie.Adserver : No action taken.
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\ga\Cookies\ga@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.166:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.290:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
:mozilla.297:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Com : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\administrator@com[2].txt -> TrackingCookie.Com : No action taken.
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.108:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.110:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.110:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.111:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.111:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.112:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\ga\Cookies\ga@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.10:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.11:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.12:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.17:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.31:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.32:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.33:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.34:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.95:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Falkag : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\administrator@as-us.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.16:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.18:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.19:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.20:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.37:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.289:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.10:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Kmpads : No action taken.
:mozilla.12:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Kmpads : No action taken.
:mozilla.214:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.215:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.216:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.217:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Mediaplex : No action taken.
C:\!KillBox\Temp\Cookies\administrator@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Overture : No action taken.
:mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Overture : No action taken.
:mozilla.313:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.314:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.315:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.316:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\!KillBox\Temp\Cookies\administrator@qksrv[2].txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.99:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.321:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.322:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.323:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.324:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.325:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.45:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.102:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.103:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.105:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.159:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.161:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.165:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.166:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.70:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.72:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.74:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.75:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.76:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.77:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.78:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.205:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.206:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.207:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.208:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.100:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.56:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.59:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.98:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.99:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.79:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.80:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.81:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.82:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.83:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.84:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.85:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.85:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.86:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.86:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.87:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.87:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.88:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.90:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.91:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.170:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Trafic : No action taken.
:mozilla.58:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.61:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.62:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.63:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\WINDOWS\system32\config\systemprofile\Cookies\administrator@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.44:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.45:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.46:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.53:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.54:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.55:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.56:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Valuead : No action taken.
:mozilla.36:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.37:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.38:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.39:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.49:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.63:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.65:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-2.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.77:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-3.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\!KillBox\Temp\Cookies\administrator@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\681zxjnk.default\cookies-1.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.88:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.89:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.90:C:\Documents and Settings\ga\Application Data\Mozilla\Firefox\Profiles\22kakwwx.default\cookies.txt -> TrackingCookie.Zedo : No action taken.


::Report end

MY HJT log

Logfile of HijackThis v1.99.1
Scan saved at 10:56:39 AM, on 6/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\hkcmd.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ga\Desktop\hijackthis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [HNETPOLCY] rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\HNETPO~1.DLL,Start
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby ihatemycomputer » June 23rd, 2006, 11:56 am

also when i do the safe mode and restart thing with killbox, the file is still there i tried few times still there.

-sry for double post and thank you.
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby ihatemycomputer » June 23rd, 2006, 5:33 pm

ok i had getting rid of the Hnetpolcy thinggy. but i still have pop up.
this is my new hjt log

Logfile of HijackThis v1.99.1
Scan saved at 5:32:29 PM, on 6/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\hkcmd.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\ga\Desktop\hijackthis\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
ihatemycomputer
Active Member
 
Posts: 14
Joined: June 21st, 2006, 11:25 pm

Unread postby Bob4 » June 23rd, 2006, 5:47 pm

Ill look at the log now. How did you remove RarSFX1 ?
User avatar
Bob4
MRU Master
MRU Master
 
Posts: 6073
Joined: November 12th, 2005, 11:26 am
Location: Florida
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 295 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware