Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Malicious Action detected - mlljh.dll

  1. 2007-04-11, 22:26 #11
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Please look at all of the items in the Active scan log like this:
    C:\System Volume Information\_restore

    Those are junk that is backed up in your System Restore files. If you had followed the directions to turn System Restore off, reboot the computer and turn System Restore back on, all of those items would not be there. Please try to follow these directions:

    System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
    http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

    After that is done, then follow the instructions in this link:
    http://forums.security-central.us/showthread.php?t=3165
    DO NOT confuse this program with your Anti-Virus program, they are two different programs that do two different jobs. Download, install , update and run the program according to the instructions. Make sure you delete or at least quarantine anything it finds and save the scan results and post them.

    Then look at this information for ways to help your computer run better:
    http://users.telenet.be/bluepatchy/m...wcomputer.html

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
  2. 2007-04-12, 18:15 #12
    jsiguenza
    jsiguenza is offline
    Junior Member
    Join Date
    Apr 2007
    Location
    Wisconsin
    Posts
    12

    Default

    I had already done the System Restore process but I did it again anyways. Once I have the AVG AntiSpyware 7.5 should I delete the PC Tools Spyware Doctor?

    This is the AVG Anti-Spyware log:

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 11:12:35 AM 4/12/2007

    + Scan result:



    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP465\A0022871.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP465\A0022872.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP465\A0022873.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP465\A0022875.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP466\A0022906.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP467\A0022958.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP467\A0022970.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP467\A0022971.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP482\snapshot\MFEX-1.DAT -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP485\A0023913.exe -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP485\snapshot\MFEX-1.DAT -> Adware.BargainBuddy : No action taken.
    C:\WINNT\bbchk.exe -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\apuc.dll -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\bbchk.exe -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\exdl.exe -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\msbe.dll -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\mscb.dll -> Adware.BargainBuddy : No action taken.
    C:\WINNT\system32\nvms.dll -> Adware.BargainBuddy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP470\A0023121.dll -> Adware.BiSpy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP471\A0023140.exe -> Adware.BiSpy : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP440\A0018755.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP440\A0018756.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP440\A0018757.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP440\A0018758.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP440\A0018759.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP441\A0018767.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP441\A0018768.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP441\A0018769.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP441\A0018770.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP441\A0018771.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP442\A0018783.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP442\A0018784.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018792.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018794.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018795.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018806.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018807.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018811.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018812.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018814.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP443\A0018816.exe -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP444\A0018821.DLL -> Adware.ClearSearch : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP467\A0022959.exe -> Adware.HelpExpress : No action taken.
    C:\Program Files\WebSavingsfromEbates -> Adware.MoneyMaker : No action taken.
    C:\Program Files\WebSavingsfromEbates\System -> Adware.MoneyMaker : No action taken.
    C:\Program Files\WebSavingsfromEbates\System\Temp -> Adware.MoneyMaker : No action taken.
    C:\Program Files\WebSavingsfromEbates\System\Temp\dump.txt -> Adware.MoneyMaker : No action taken.
    C:\Program Files\WebSavingsfromEbates\System\Temp\run.txt -> Adware.MoneyMaker : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP445\A0018852.exe -> Adware.SaveNow : No action taken.
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP456\A0020393.exe -> Adware.SaveNow : No action taken.
    :mozilla.121:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.189:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.53:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.21:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.29:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.40:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.
    :mozilla.46:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.
    :mozilla.103:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.110:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.125:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.125:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.126:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.127:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.127:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.153:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.193:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.194:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.220:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.228:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.229:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.230:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.274:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.275:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.32:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.92:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.99:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.126:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Paypal : No action taken.
    :mozilla.50:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Paypal : No action taken.
    :mozilla.115:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.116:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.117:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.118:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.183:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.184:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.185:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.186:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.93:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.94:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
    :mozilla.112:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.113:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.114:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.115:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.116:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.117:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.118:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.119:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.120:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.121:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.35:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.36:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.37:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.38:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.39:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.40:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.41:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.42:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.43:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.44:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
    :mozilla.45:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.


    ::Report end

    Thanks
  3. 2007-04-12, 19:36 #13
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    OK, we have a problem here, and I am not sure if it in communication or not. Look closely at the items in the AVG scan report, the vast majority say this:
    C:\System Volume Information\_restore{30F71744-7195-4A81-BC43-76AFE6B4AF0F}\RP465\A0022871.exe -> Adware.BargainBuddy : No action taken.
    These are files that are backed up in System restore that must be removed. This is probably what Norton is seeing. I have no idea what you are doing, but here is another look at the instructions:

    Click on this link and read carefully the instructions:
    http://support.f-secure.com/enu/home...mrestore.shtml

    How to Clean an Infected System Volume Information or System Restore folder
    System Restore is a feature of Windows XP and Windows ME (Note: Windows ME is not supported by F-Secure Internet Security 2007). If a virus infects the computer, it is possible that the virus could be backed up in the system restore folder. To scan and clean System Restore, you need to disable it.

    By disabling System Restore you lose your last system restore point. If you want to continue using the System Restore feature, it is important to re-enable it after removing the infected files. Unfortunately there is no other way to remove infections from this location.

    (there is no need to scan with F-Secure, the process of turning off system restore, then rebooting your computer and then turning system restore back on will give you a clean restore point)

    (here is the information from Microsoft: http://www.microsoft.com/technet/com...store_faq.mspx )

    To disable System Restore on Windows XP:
    Close all open programs.
    Right-click My Computer, and select Properties. The System Properties dialog is displayed.
    Click the System Restore tab.
    Select the Turn off System Restore on all drives check box.
    Click Apply, and when the system asks if you want to turn off System Restore, click Yes.
    Click OK.
    Scan all hard drives and all files for viruses with your F-Secure Anti-Virus product.
    Once you have scanned and disinfected the files, enable System Restore again as follows:

    Right-click My Computer, and select Properties. The System Properties dialog is displayed.
    Click the System Restore tab.
    Clear the Turn off System Restore on all drives check box.
    Click Apply, and then click OK.


    Something you are doing is not being done correctly or those items would not be in the AVG Anti-Spyware scan.

    Many of the bad items like this one:
    C:\WINNT\bbchk.exe -> Adware.BargainBuddy : No action taken.
    Indicate you took no action instead of deletating the bad file.

    Many are cookies: Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
    and no action was taken instead of deleting them?

    Here are the instructions I posted:
    Make sure you delete or at least quarantine anything it finds and save the scan results and post
    If you don't know how to control cookies in Firefox, read this information:
    http://privacy.getnetwise.org/browsi...disablecookies
    http://www.mozilla.org/projects/secu...priv_help.html

    Please follow the above directions and then post another AVG Scan report which should be clean.

    Thank you
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
  4. 2007-04-12, 21:41 #14
    jsiguenza
    jsiguenza is offline
    Junior Member
    Join Date
    Apr 2007
    Location
    Wisconsin
    Posts
    12

    Default

    Sorry, I misunderstood what you wanted me to do. Now its done.

    This is the AVG log:

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 2:38:04 PM 4/12/2007

    + Scan result:



    :mozilla.31:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.32:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.33:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.34:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.234:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.16:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.101:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.95:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
    :mozilla.54:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.55:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.56:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.141:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.148:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.152:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.159:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.238:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.239:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.265:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.319:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.320:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.105:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
    :mozilla.57:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.58:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.59:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.60:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.161:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.162:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.163:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.164:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.165:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.166:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.167:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.168:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.169:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.170:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.37:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.38:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.39:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.41:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.42:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.43:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.10:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.11:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.12:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.13:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.14:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.15:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.17:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.9:C:\Documents and Settings\Owner.CURT-JP80I6E32O\Application Data\Mozilla\Firefox\Profiles\1uajqrvo.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    ::Report end


    Now, after all the process, I suppose I should just leave in the computer the AVG antivirus and spyware on, is that right? Should I now delete the PC Spyware doctor and all the spyware and antivirus programs?

    Thank you
  5. 2007-04-12, 21:49 #15
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Thanks: http://mozilla.gunnars.net/firefox_h..._tutorial.html

    Since it has been a while, please let me see one more HijackThis log. I'll look it over and give you some information from experts that will help with your decisions. Once you review what they have to say, if you still have questions, then post them.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
  6. 2007-04-12, 22:20 #16
    jsiguenza
    jsiguenza is offline
    Junior Member
    Join Date
    Apr 2007
    Location
    Wisconsin
    Posts
    12

    Default

    This is the HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:18:52 PM, on 4/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Owner.CURT-JP80I6E32O\Desktop\Cleaning files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
    O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\Blocker.dll (file missing)
    O9 - Extra 'Tools' menuitem: Acronis Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\Acronis\PRIVAC~1\Blocker.dll (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: PictureTaker - LANovation - C:\WINDOWS\system32\PCTKRNT.SYS
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    So, should I delete all the antivirus and spywares that I have in my computer as PC tools spyware doctor and just keep the AVG anti virus and spyware, is that ok?

    Thank you very much again for all your help.

    Javier Siguenza
  7. 2007-04-12, 22:36 #17
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Thanks for providing your HJT log Javier, and it looks clean of malware I personally do not use Spyware Doctor, is it a trial which supplies no benefits after the trial period? That being the case you would want to uninstall it. AVG Anti-Spyware also stops realtime protection after the trial period, but the scanner can be kept and updated for as long as you like. I will post more information, but it is important that you turn it completely off unless you purchase it because it would use resources and provide no benefits. My suggestion is that you run one good antivirus program which you have, and one good firewall, which I do not see. If you use the Windows SP2 firewall, you may want to consider a better free one. I also suggest at least one good spyware program that runs in realtime, and freeware programs are available. After you read what the experts have to say, if you still have questions, post them and I will do my best to give you answers.

    AVG Anti-Spyware is a good program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

    Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
    http://forums.spybot.info/showthread.php?t=279
    http://russelltexas.com/malware/allclear.htm
    http://forum.malwareremoval.com/viewtopic.php?t=14
    http://www.bleepingcomputer.com/forums/topict2520.html
    http://cybercoyote.org/security/not-admin.shtml

    Gracias...pskelley
    Safer Networking Forums
    http://www.spybot.info/en/donate/index.html
    If you are reading this information...thank a teacher,
    If you are reading it in English...thank a soldier.
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
  8. 2007-04-13, 00:11 #18
    jsiguenza
    jsiguenza is offline
    Junior Member
    Join Date
    Apr 2007
    Location
    Wisconsin
    Posts
    12

    Default

    Well, I suppose thats it... I really apreciate all your help.
  9. 2007-04-17, 13:15 #19
    pskelley
    pskelley is offline
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    As the problem appears to be resolved this topic has been closed.

    If you need it re-opened please send me or a forum staff member a private message (pm) and provide a link to the thread; this applies only to the original topic starter.

    Anyone else with similar problems please start a new topic.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules