Results 1 to 4 of 4

Thread: UnSpyPc, Statcounter, CasinoPopupStuff etc

  1. 2006-10-23, 22:51 #1
    Fade Indigo
    Fade Indigo is offline
    Junior Member
    Join Date
    Jan 2006
    Posts
    6

    Default UnSpyPc, Statcounter, CasinoPopupStuff etc

    My computer has been runnning pretty slowly recently, I think it might need some attention...

    Hi-jack this log:
    Logfile of HijackThis v1.99.1
    Scan saved at 20:39:41, on 23/10/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\AOL\1125152739\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1125152739\ee\AOLServiceHost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis\HijackThis.exe

    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NVCLOCK] Rundll32 nvclock.dll,fnNvclock
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1125152739\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  2. 2006-10-23, 22:52 #2
    Fade Indigo
    Fade Indigo is offline
    Junior Member
    Join Date
    Jan 2006
    Posts
    6

    Default Continued...

    Activescan Online Log:

    Incident Status Location

    Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.bravenet.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.bs.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[server.iad.liveperson.net/hc/35439559]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[server.iad.liveperson.net/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[server.iad.liveperson.net/hc/35439559]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.as-us.falkag.net/]
    Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.adultfriendfinder.com/]
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.burstnet.com/]
    Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[fe.lea.lycos.fr/]
    Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.cs.sexcounter.com/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[server.iad.liveperson.net/hc/34292599]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.maxserving.com/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[server.iad.liveperson.net/hc/15358151]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.casalemedia.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.statcounter.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.com.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.atwola.com/]
    Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.toplist.cz/]
    Spyware:Cookie/Golden Palace Online Casino Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[www.goldenpalace.com/]
    Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.clickbank.net/]
    Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[stat.onestat.com/]
    Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.adopt.hbmediapro.com/]
    Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.revenue.net/]
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[searchportal.information.com/]
    Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.apmebf.com/]
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[.xiti.com/]
    Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Davey\Application Data\Mozilla\Firefox\Profiles\jw05ijiq.default\cookies.txt[landing.domainsponsor.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Davey\Cookies\davey@ad.yieldmanager[1].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Davey\Cookies\davey@atwola[1].txt
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Davey\Cookies\davey@burstnet[2].txt
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Davey\Cookies\davey@realmedia[1].txt
    Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Davey\Cookies\davey@seeq[1].txt
    Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Davey\Cookies\davey@www47.buydomains[1].txt
    Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Davey\Cookies\davey@www48.seeq[1].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Davey\Local Settings\Temp\Cookies\davey@atwola[1].txt
    Potentially unwanted tool:Application/P2PNetworking Not disinfected C:\Program Files\HijackThis\backups\backup-20060124-113042-635.dll
    Potentially unwanted tool:Application/Altnet Not disinfected C:\Program Files\Kazaa\TopSearch.dll
    Potentially unwanted tool:application/bestoffer Not disinfected C:\WINDOWS\smdat32m.sys
    Potentially unwanted tool:Application/P2PNetworking Not disinfected C:\WINDOWS\system32\P2P Networking v126.cpl

    Thanks in advance
  3. 2006-10-29, 01:08 #3
    LonnyRJones
    LonnyRJones is offline
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Hello

    Where did you see UnSpyPc ?

    In the windows control panel addremove programs uninstall
    P2P Networking and kazza !!!!
    Did you ?

    Post back with a fresh hijackthis log please
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006
  4. 2006-11-03, 18:39 #4
    tashi
    tashi is offline
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,963

    Default

    This topic has been closed to prevent others with similar issues posting in it.
    If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread.

    Applies only to the original topic starter.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules