Popups and redirects everywhere



hoofedboy
2007-02-15, 16:33
Hello

Having loads of problems at the moment. I have run Spybot S&D in safe mode; the main error is smitfraud-c and smitfraud-c.toolbar888. Cannot clean it off.

I use AVG Anti-Spyware v7.5n and that informs me I have got Hijacker.VB.mh and PurityScan.

I have followed all instructions on this page:

http://forums.spybot.info/showthread.php?t=288

and on this page of another forum:

http://forums.spywareinfo.com/index.php?showtopic=78954

Here are my HJ and AVG reports. Please help, I want my internet running properly again:

Logfile of HijackThis v1.99.1
Scan saved at 15:16:26, on 15/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HIS iTurbo\iTurbo.exe
C:\Program Files\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\BrightWindow\BrightWindow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [iTurbo] "C:\Program Files\HIS iTurbo\iTurbo.exe" /s
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [knnzdjn.dll] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Quentin\Local Settings\Application Data\knnzdjn.dll",pvrjauf
O4 - HKLM\..\Run: [{0842B39D-089A-1033-1027-04012005002c}] "C:\Program Files\Common Files\{0842B39D-089A-1033-1027-04012005002c}\Update.exe" mc-110-12-0000272
O4 - HKLM\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\vwvixfhg.dll",setvm
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvxav.dll,startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Paco] "C:\DOCUME~1\Quentin\APPLIC~1\CROSOF~1\fast.exe" -vt ndrv
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: BrightWindow.LNK = C:\Program Files\BrightWindow\BrightWindow.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: bw+0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0FC712E2-1B90-4ABF-8DBD-B49D8F2904BB} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0000272 (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

hoofedboy
2007-02-15, 16:34
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 14:28:50 15/02/2007

+ Scan result:



C:\WINDOWS\R2FtZXMgTWFjaGluZQ\asappsrv.dll -> Adware.CommAd : Ignored.
C:\WINDOWS\R2FtZXMgTWFjaGluZQ\command.exe -> Adware.CommAd : Ignored.
C:\Documents and Settings\Quentin\Local Settings\Temporary Internet Files\Content.IE5\KX2JCXQ3\appsetup[1].exe/RemoveWebDP.exe -> Adware.DelphinMediaViewer : Ignored.
C:\Documents and Settings\Quentin\Local Settings\Temporary Internet Files\Content.IE5\KX2JCXQ3\appsetup[1].exe/nfo.ocx -> Adware.DelphinMediaViewer : Ignored.
C:\Documents and Settings\Quentin\Local Settings\Temporary Internet Files\Content.IE5\KX2JCXQ3\appsetup[1].exe/nfom.dll -> Adware.DelphinMediaViewer : Ignored.
C:\Documents and Settings\Quentin\Local Settings\Temporary Internet Files\Content.IE5\KX2JCXQ3\appsetup[1].exe/nfomon.exe -> Adware.DelphinMediaViewer : Ignored.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Ignored.
C:\Downloads\Nero 7.0.1.4 Premium FULL with keygen\keygen.exe -> Hijacker.VB.mh : Ignored.
C:\WINDOWS\keygen.exe -> Hijacker.VB.mh : Ignored.
C:\Documents and Settings\Quentin\Local Settings\Temporary Internet Files\Content.IE5\C9MBW9AB\WinAntiVirusPro2007FreeInstall[1].cab/UWA7P_0001_N91M0809NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.
:mozilla.12:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.13:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.247realmedia : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.14:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.15:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.16:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.172:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.173:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.17:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.181:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.18:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.19:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.20:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.21:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.22:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.230:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.23:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.24:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.25:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.6:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.7:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.8:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@122.2o7[2].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@2o7[2].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@adbrite[1].txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.47:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Adtech : Ignored.
:mozilla.48:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Adtech : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@adtech[2].txt -> TrackingCookie.Adtech : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@advertising[2].txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@adviva[2].txt -> TrackingCookie.Adviva : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.69:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@clickbank[1].txt -> TrackingCookie.Clickbank : Ignored.
:mozilla.30:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Clickhype : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@cz11.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@cz9.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.78:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Com : Ignored.
:mozilla.79:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Com : Ignored.
:mozilla.80:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Com : Ignored.
:mozilla.81:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@com[2].txt -> TrackingCookie.Com : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignored.
:mozilla.92:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Dbbsrv : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@enhance[2].txt -> TrackingCookie.Enhance : Ignored.
:mozilla.97:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Esomniture : Ignored.
:mozilla.98:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Esomniture : Ignored.
:mozilla.99:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@e-2dj6wflowjczakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@e-2dj6wjloqmdzobp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.59:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@as1.falkag[1].txt -> TrackingCookie.Falkag : Ignored.
C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt -> TrackingCookie.Findwhat : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@findwhat[1].txt -> TrackingCookie.Findwhat : Ignored.
:mozilla.367:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Googleadservices : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@hitbox[2].txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@hypertracker[1].txt -> TrackingCookie.Hypertracker : Ignored.
:mozilla.218:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.219:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.220:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.221:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.222:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.223:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.224:C:\Documents and Settings\Quentin\Application Data\Mozilla\Firefox\Profiles\sem1wahc.default\cookies.txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Quentin\Cookies\quentin@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignored.


::Report end

Mr_JAk3
2007-02-17, 21:28
Hi hoofedboy and welcome to the Forums :)

You're infected.

One or more of the identified infections steal information. If this system is used for online banking or has credit card information on it, all passwords should be changed immediately by using a different computer (not the infected one!) to make the changes. Banking and credit card institutions, if any, should be notified of the possible security breach. I suggest that you read this (http://www.dslreports.com/faq/10451) article too.

Download SDFix (http://downloads.andymanchesta.com/RemovalTools/SDFix.zip) and save it to your desktop.

Please then reboot your computer in Safe Mode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.

In Safe Mode, right click the SDFix.zip folder and choose Extract All,
Open the extracted folder and double click RunThis.bat to start the script.
Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
Your system will take longer than normal to restart as the fixtool will be running and removing files.
When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
Finally, open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log.

tashi
2007-02-26, 01:16
This topic has been closed to prevent others with similar issues posting in it.

If you need it re-opened, please send me a private message (pm) and provide a link to the thread. This applies only to the original poster; anyone else with similar problems, please start a new topic.