Slow Download Speeds On Direct Download



Hi guys, I'm back with a spyware problem (as told by my ISP people). When I'm trying to download any files from RapidShare or any other website, my speed goes down. I don't know why I'm having slow speeds on websites, so I'm posting my HJT log. If anyone wants more info, I'll be more than happy to give it to them.

Here's my HJT log:

Logfile of HijackThis v1.99.1

Scan saved at 5:05:16 PM, on 11/13/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\ewido anti-spyware 4.0\guard.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\taskswitch.exe

C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe

C:\WINDOWS\VM_STI.EXE

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\UberIcon\UberIcon Manager.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\PowerMenu\PowerMenu.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe

C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE

C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\DllHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\unzipped\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FLASHGET\jccatch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"

O4 - HKCU\..\Run: [uberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"

O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe

O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Phone Connection Monitor.lnk = ?

O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe


First download AVG Anti-Spyware from HERE and save that file to your desktop.

This is a 30-day trial of the program.

  1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the setup program.
  2. Once the setup is complete, you will need to run AVG Anti-Spyware and update the definition files.
  3. On the main screen select the "Update" icon, then select the "Update now" link.
    • Next select the "Start Update" button; the update will start and a progress bar will show the updates being installed.
  4. Once the update has completed, select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  5. Once in the Settings screen, click on "Recommended actions" and then select "Quarantine".
  6. Under "Reports":
    • Select "Automatically generate report after every scan"
    • Un-select "Only if threats were found"

Close AVG Anti-Spyware. Do not run a scan just yet; we will shortly.

  1. Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit Enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning; it may interfere with the scanning process.
  2. Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
  3. Select the "Scanner" icon at the top and then the "Scan" tab, then click on "Complete System Scan".
  4. AVG Anti-Spyware will now begin the scanning process. Be patient, this may take a little time.
    Once the scan is complete, do the following:
  5. If you have any infections you will be prompted; then select "Apply all actions".
  6. Next select the "Reports" icon at the top.
  7. Select the "Save report as" button in the lower left-hand corner of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  8. Close AVG Anti-Spyware, reboot your system back into Normal Mode, and post the results of the AVG Anti-Spyware scan report.


OK, finally I've managed to do a full system scan. It took me 6 hours to complete it and now I'm posting its log as you said:

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------

+ Created at: 6:38:11 PM 11/15/2006

+ Scan result:

G:\Software\HHv4\Hip.Hop.eJAY.1.04.00_No-CD_Crack.ZIP/hhejay_crk.exe -> Backdoor.Theef.111 : No action taken.

G:\Software\HHv4\Hip.Hop.eJAY.1.04.00_No-CD_Crack\hhejay_crk.exe -> Backdoor.Theef.111 : No action taken.

D:\My Documents\Applications\Cable_Modem_Uncapping_Kit.rar/Cable_Modem_Uncapping_Kit\Cable_Modem_Uncapping_Kit\Cable Modem Uncapping Kit V6.3\Step2.exe -> Dropper.Delf.vp : No action taken.

C:\Downloads\WCSRsetup\WCSRsetup.exe -> Dropper.Delf.yb : No action taken.

E:\My folder\nokia apps\7625c2edcad-kas[1].ringtone.editor.1.0.patch-icu.zip/patch.exe -> Logger.Agent.nbq : No action taken.

E:\My folder\nokia apps\RingtoneEditor.zip/patch.exe -> Logger.Agent.nbq : No action taken.

E:\My folder\nokia apps\RingtoneEditor\patch.exe -> Logger.Agent.nbq : No action taken.

C:\Program Files\ewido anti-spyware 4.0\Patch.exe -> Not-A-Virus.Hacktool.Crack : No action taken.

D:\My Documents\Applications\Ewido ver 4\Ewido.Anti-Spyware4.0.0.172b.zip/Ewido.Anti-Spyware4.0.0.172b/Patch.exe -> Not-A-Virus.Hacktool.Crack : No action taken.

D:\My Documents\Applications\Ewido ver 4\Patch.exe -> Not-A-Virus.Hacktool.Crack : No action taken.

D:\My Documents\Applications\EvID4226Patch223d-en.zip/EvID4226Patch.exe -> Not-A-Virus.Hacktool.EvID : No action taken.

C:\un\magic\Password Stealer.exe -> Not-A-Virus.PSWTool.Win32.PassViewer.PStealer : No action taken.

D:\My Documents\Applications\all_windows\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : No action taken.

E:\Bill_Gates_Toolkit_Reloaded%21%21%21\WTK_Dp\UltimateWindows\RockXP v3\RockXP30.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : No action taken.

D:\My Documents\Applications\New Folder\vlc.zip/Htcapp.exe -> Not-A-Virus.VirTool.DOS.Htcapp : No action taken.

D:\My Documents\Applications\New Folder\rme11.zip/RME11.OBJ -> Not-A-Virus.VirTool.DOS.RME.11 : No action taken.

C:\Documents and Settings\lovee\My Documents\Download_Accelerator_Plus_v5.3.9.6_Multilanguage.zip/LS_DAP_v5.3.9.6_Multi-Language.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

C:\Documents and Settings\lovee\My Documents\RealOne_Player_Gold_v2.0_Multi_Feature_Activator_3_by_BetaMaster.zip/RealOne_v2_1.0_Multi_Feature_Patch_3_NoPath_BetaMaster/RealOnePatch_NoPath.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

C:\unzipped\Nero_Burning_Rom_SVCD_Plugin\LS_Nero_SVCD_Plugin.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

C:\unzipped\RealOne_Player_Gold_v2.0_Multi_Feature_Activator_3_by_BetaMaster\RealOne_v2_1.0_Multi_Feature_Patch_3_NoPath_BetaMaster\RealOnePatch_NoPath.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

C:\unzipped\Sonic_Foundry_SoundForge_v6.0a_build_150\rh-sf6b150.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

C:\unzipped\neroplugins\neroplugins\Nero_Burning_Rom_SVCD_Plugin.zip/LS_Nero_SVCD_Plugin.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

D:\My Documents\Applications\HidemyIP\Hide IP Platinum v1.4.rar/Hide IP Platinum v1.4.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

D:\My Documents\Applications\HidemyIP\Hide IP Platinum v1.4\Hide IP Platinum v1.4.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

D:\My Documents\Applications\Sonic_Foundry_SoundForge_v6.0a_build_150.zip/rh-sf6b150.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

D:\mIRC\download\CRACK-DFX.Plugins.All\CRACK-DFX.Plugins.All\DFXCrack.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

D:\mIRC\download\neroplugins.zip/neroplugins/Nero_Burning_Rom_SVCD_Plugin.zip/LS_Nero_SVCD_Plugin.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.

:mozilla.413:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.

:mozilla.414:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.415:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.416:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.417:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.418:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.20:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.21:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.22:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.625:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.626:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.650:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.212:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.213:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.156:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.157:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.158:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.100:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.

C:\Documents and Settings\lovee\Cookies\lovee@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.

:mozilla.511:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Bfast : No action taken.

:mozilla.66:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.68:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.69:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.67:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.70:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.71:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.72:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.73:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.77:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.79:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.330:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.

:mozilla.172:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.

:mozilla.173:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.

:mozilla.245:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.

:mozilla.246:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.

:mozilla.244:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Cqcounter : No action taken.

:mozilla.345:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\lovee\Cookies\lovee@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

:mozilla.329:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Etracker : No action taken.

:mozilla.88:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.89:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.90:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.91:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.104:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.105:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.106:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.107:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.108:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.109:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.447:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.645:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.229:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.283:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.460:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.461:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.74:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.75:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.76:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.78:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.188:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Hotlog : No action taken.

:mozilla.115:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.

C:\Documents and Settings\lovee\Cookies\lovee@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.

:mozilla.549:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.550:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.203:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Overture : No action taken.

:mozilla.379:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.380:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.381:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.382:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.377:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.378:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.358:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Revenue : No action taken.

:mozilla.359:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Revenue : No action taken.

:mozilla.305:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.306:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.187:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Spylog : No action taken.

:mozilla.252:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.253:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.254:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.255:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.256:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.257:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.258:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.259:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.260:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.261:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.262:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.263:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.264:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.265:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.266:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.267:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.268:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.269:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.270:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.271:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.272:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.302:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.303:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.304:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.439:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Targetnet : No action taken.

:mozilla.375:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.180:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.217:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.218:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.219:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.220:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.221:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.222:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.202:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Yadro : No action taken.

:mozilla.84:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.85:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.86:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.424:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.425:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.426:C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

::Report end


Please download ATF Cleaner by Atribune.

This program is for XP and Windows 2000 only

  • Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

For Technical Support, double-click the e-mail address located at the bottom of each menu.

Please go HERE to run Panda's ActiveScan

  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


OK, I've done what you've told me to do, and here's the ActiveScan report:

Incident Status Location

Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\lovee\Cookies\lovee@mediaplex[1].txt

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\lovee\Cookies\lovee@atdmt[2].txt

Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\lovee\Cookies\lovee@bluestreak[1].txt

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\lovee\Cookies\lovee@doubleclick[2].txt

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[ad.yieldmanager.com/]

Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.spylog.com/]

Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.yadro.ru/]

Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.targetnet.com/]

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.realmedia.com/]

Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.maxserving.com/]

Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.toplist.cz/]

Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.bravenet.com/]

Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.mediaplex.com/]

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.overture.com/]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.burstnet.com/]

Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.hitbox.com/]

Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.hitbox.com/]

Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.as-us.falkag.net/]

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[a.as-us.falkag.net/]

Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.as-us.falkag.net/]

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.fastclick.net/]

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.advertising.com/]

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.tribalfusion.com/]

Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.hotlog.ru/]

Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.adrevolver.com/]

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.phg.hitbox.com/]

Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.cs.sexcounter.com/]

Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.clickbank.net/]

Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.azjmp.com/]

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.revenue.net/]

Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[searchportal.information.com/]

Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.questionmarket.com/]

Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.ads.pointroll.com/]

Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.entrepreneur.com/]

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.247realmedia.com/]

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.zedo.com/]

Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[.bfast.com/]

Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\lovee\Application Data\Mozilla\Firefox\Profiles\cb2rb83t.default\cookies.txt[stat.onestat.com/]

Possible Virus. Not disinfected C:\Program Files\ewido anti-spyware 4.0\Patch.exe

Adware:Adware/IST.YourSiteBar Not disinfected C:\unzipped\HijackThis\backups\backup-20050628-095137-235.inf

Hacktool:Hacktool/PatchTCPSP2 Not disinfected D:\HCTS\HTS\appz\Cracks\HellLabs Proxy Checker v7.4.18\Parche Win XP-2000\patch211.zip[patch211/EvID4226Patch.exe]

Possible Virus. Not disinfected D:\My Documents\Applications\turbo-1.1.2.exe[²ÖÇ\Googlefox.exe]

Security Risk:Constructor/BVgen.A Not disinfected D:\My Documents\Applications\New Folder\bvgen.zip[sETINVAR.COM]

Virus:Univ.EP Disinfected D:\My Documents\Applications\New Folder\nrlg.zip[NUKE1.DAT]

Security Risk:Constructor/Polyengine.B Not disinfected D:\My Documents\Applications\New Folder\rme11.zip[RME11.OBJ]

Virus:W32/Tswsvk.Kit Disinfected D:\My Documents\Applications\New Folder\tswsvk.zip[TSWSVK.HLP]

Adware:Adware/WUpd Not disinfected D:\My Documents\Applications\Real-3D-Matrix.exe[¦&&\Zango\mg.exe]

Hacktool:HackTool/EvID Not disinfected D:\My Documents\Applications\EvID4226Patch223d-en.zip[EvID4226Patch.exe]

Possible Virus. Not disinfected D:\My Documents\Applications\Ewido ver 4\Ewido.Anti-Spyware4.0.0.172b.zip[Ewido.Anti-Spyware4.0.0.172b/Patch.exe]

Possible Virus. Not disinfected D:\My Documents\Applications\Ewido ver 4\Patch.exe

Virus:SymbOS/Skulls.D Not disinfected E:\My folder\nokia apps\SimworksAntivirusv116.zip[simworks_AnitiVirus_1.16_FULL_Dotsis.sis][]

Virus:Eicar.Mod Not disinfected E:\My folder\nokia apps\SimworksAntivirus12.zip[simworks_AntiVirus_1.12_Full_DotSiS.sis][]

Virus:Eicar.Mod Not disinfected E:\My folder\nokia apps\SimworksAntivirus12\Simworks_AntiVirus_1.12_Full_DotSiS.sis[]

Virus:SymbOS/Skulls.D Not disinfected E:\My folder\nokia apps\SimworksAntivirusv116\Simworks_AnitiVirus_1.16_FULL_Dotsis.sis[]

Virus:Trj/Clicker.LU Not disinfected E:\AIO DJ toolz\AIO-DJToolz[1]\AIO-DJToolz.exe[AutoPlay/Docs/DJ.Jukebox.6.0.CRK-FFF.zip][crack-inf.exe][adobemgr.exe]

Possible Virus. Not disinfected F:\Jaspal\Diablo2oo2 crackers\rlzer\PATCH\TASM32.EXE


OK, here's my new HJT log:

Logfile of HijackThis v1.99.1

Scan saved at 12:58:05 AM, on 11/17/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\taskswitch.exe

C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe

C:\WINDOWS\VM_STI.EXE

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\UberIcon\UberIcon Manager.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\PowerMenu\PowerMenu.exe

C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe

C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE

C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE

C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\unzipped\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FLASHGET\jccatch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"

O4 - HKCU\..\Run: [uberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"

O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe

O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Phone Connection Monitor.lnk = ?

O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe


OK, here's another HJT log:

Logfile of HijackThis v1.99.1

Scan saved at 6:08:45 PM, on 11/17/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\taskswitch.exe

C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe

C:\WINDOWS\VM_STI.EXE

C:\Program Files\Multimedia Card Reader\shwicon2k.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\UberIcon\UberIcon Manager.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\PowerMenu\PowerMenu.exe

C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe

C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE

C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

D:\My Documents\Applications\utorrent.exe

C:\WINDOWS\system32\igfxsrvc.exe

c:\unzipped\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FLASHGET\jccatch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"

O4 - HKCU\..\Run: [uberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"

O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe

O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzShadow\YzShadow.exe

O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Phone Connection Monitor.lnk = ?

O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe


Right-click the Desktop and select New --> Folder --> name it SysClean

  • Download the Sysclean Package to the folder you made.
  • Next, download the Virus Pattern Files (Official Pattern Release) to your desktop from Here
  • Right-click and select Extract All to unzip the folder.
  • Now, from the unzipped folder, move the lpt$vpn.XXX file to the SysClean folder.
  • Restart in SAFE MODE (tap F8 when restarting).
  • Open the SysClean folder and double-click sysclean.com
  • Be sure Automatically clean or delete detected files is checked.
  • Click the Scan button to begin; please be patient, it will take a little bit to finish.
  • Once complete, verify the log from the scan (SYSCLEAN.LOG) is in the SysClean folder and restart back to Normal Mode.
  • Copy & paste those results in the next reply.

Tutorial from Trend

http://esupport.trendmicro.com/support/vie...entID=en-125991


Hi jassuji,

I'm sorry but we do not help people who have illegal software on their machines. It's in our Terms of Service which every member agrees to when they join the forums. Here's the excerpt from the ToS:

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software illegally.

I'm going to close this thread - if you have any questions feel free to contact me.

B

This topic is now closed to further replies.