My Comp is dying

S

SPhoenix

New Member
After a month of work on trying to fix it I came to the conclusion that its somewhere in my registry. I tried using everything to get rid of it, mcafee, spybot, spyware doctor, hijack this... everything. I thought it was a file called ntos.exe causing the problem, but I got rid of that and no help. The problem has made my computer extremely slow, especially on startup, and it will make my mouse pointer randomly freeze while the mouse still works. Any thoughts or help at all will be appreciated.
Here is a hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 10:42:43 PM, on 4/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\OWNER~1.COM\LOCALS~1\Temp\Rar$EX00.641\HijackThis.exe

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\vsjhmfxg.dll",realset
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
 
Last edited:
holdenssx

holdenssx

New Member
I believe he means to find Hijackthis.exe, right click it and select rename, then name it to something.exe

sorry about that Buzz1927
 
Last edited:
S

SPhoenix

New Member
Logfile of HijackThis v1.99.1
Scan saved at 11:07:01 PM, on 4/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.COMPUTER-CC262C\Desktop\something.exe.exe

O2 - BHO: (no name) - {025652AB-95DF-4602-97A5-E86863AAD375} - C:\WINDOWS\system32\tsyoyohn.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\hggdecc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {6695B693-9139-1B40-05BB-028F29D9AFB9} - C:\WINDOWS\system32\oorljqf.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7B52B612-D4DF-48E9-92BD-D2FE3FC09995} - C:\WINDOWS\system32\awvvt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\ybgrluip.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\kilsurrc.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\vdhjkfqk.dll",realset
O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: awvvt - C:\WINDOWS\system32\awvvt.dll
O20 - Winlogon Notify: hggdecc - C:\WINDOWS\SYSTEM32\hggdecc.dll
O20 - Winlogon Notify: nnnlmnn - C:\WINDOWS\SYSTEM32\nnnlmnn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
 
S

SPhoenix

New Member
Buzz1927 said:
Ok, now we can see what we're dealing with.
Download and run this program, and post the log it generates here.
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Click to expand...

[04/29/2007, 22:30:57] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Owner.COMPUTER-CC262C\Desktop\VirtumundoBeGone.exe" )
[04/29/2007, 22:31:02] - Detected System Information:
[04/29/2007, 22:31:02] - Windows Version: 5.1.2600, Service Pack 2
[04/29/2007, 22:31:02] - Current Username: Owner (Admin)
[04/29/2007, 22:31:02] - Windows is in NORMAL mode.
[04/29/2007, 22:31:02] - Searching for Browser Helper Objects:
[04/29/2007, 22:31:02] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/29/2007, 22:31:02] - BHO 2: {182B90A3-F372-438A-800C-6814B4DE417B} ()
[04/29/2007, 22:31:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:02] - Checking for HKLM\...\Winlogon\Notify\hggdecc
[04/29/2007, 22:31:02] - Found: HKLM\...\Winlogon\Notify\hggdecc - This is probably Virtumundo.
[04/29/2007, 22:31:02] - Assigning {182B90A3-F372-438A-800C-6814B4DE417B} MSEvents Object
[04/29/2007, 22:31:02] - BHO list has been changed! Starting over...
[04/29/2007, 22:31:02] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/29/2007, 22:31:02] - BHO 2: {182B90A3-F372-438A-800C-6814B4DE417B} (MSEvents Object)
[04/29/2007, 22:31:02] - ALERT: Found MSEvents Object!
[04/29/2007, 22:31:02] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/29/2007, 22:31:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:02] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/29/2007, 22:31:02] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/29/2007, 22:31:02] - BHO 4: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} (PCTools Site Guard)
[04/29/2007, 22:31:02] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/29/2007, 22:31:02] - BHO 6: {B348C2D6-1556-4552-A6E7-8D68B603C7D3} ()
[04/29/2007, 22:31:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:02] - Checking for HKLM\...\Winlogon\Notify\awvvt
[04/29/2007, 22:31:02] - Found: HKLM\...\Winlogon\Notify\awvvt - This is probably Virtumundo.
[04/29/2007, 22:31:02] - Assigning {B348C2D6-1556-4552-A6E7-8D68B603C7D3} MSEvents Object
[04/29/2007, 22:31:02] - BHO list has been changed! Starting over...
[04/29/2007, 22:31:02] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/29/2007, 22:31:02] - BHO 2: {182B90A3-F372-438A-800C-6814B4DE417B} (MSEvents Object)
[04/29/2007, 22:31:02] - ALERT: Found MSEvents Object!
[04/29/2007, 22:31:02] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/29/2007, 22:31:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:02] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/29/2007, 22:31:02] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/29/2007, 22:31:02] - BHO 4: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} (PCTools Site Guard)
[04/29/2007, 22:31:02] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/29/2007, 22:31:03] - BHO 6: {B348C2D6-1556-4552-A6E7-8D68B603C7D3} (MSEvents Object)
[04/29/2007, 22:31:03] - ALERT: Found MSEvents Object!
[04/29/2007, 22:31:03] - BHO 7: {B56A7D7D-6927-48C8-A975-17DF180C71AC} (PCTools Browser Monitor)
[04/29/2007, 22:31:03] - Finished Searching Browser Helper Objects
[04/29/2007, 22:31:03] - *** Detected MSEvents Object
[04/29/2007, 22:31:03] - Trying to remove MSEvents Object...
[04/29/2007, 22:31:04] - Terminating Process: IEXPLORE.EXE
[04/29/2007, 22:31:05] - Terminating Process: RUNDLL32.EXE
[04/29/2007, 22:31:05] - Disabling Automatic Shell Restart
[04/29/2007, 22:31:05] - Terminating Process: EXPLORER.EXE
[04/29/2007, 22:31:05] - Suspending the NT Session Manager System Service
[04/29/2007, 22:31:05] - Terminating Windows NT Logon/Logoff Manager
[04/29/2007, 22:31:06] - Re-enabling Automatic Shell Restart
[04/29/2007, 22:31:06] - File to disable: C:\WINDOWS\system32\hggdecc.dll
[04/29/2007, 22:31:06] - Renaming C:\WINDOWS\system32\hggdecc.dll -> C:\WINDOWS\system32\hggdecc.dll.vir
[04/29/2007, 22:31:06] - ! File rename was unsucessful.
[04/29/2007, 22:31:06] - Attempting to Deny Access to C:\WINDOWS\system32\hggdecc.dll
[04/29/2007, 22:31:06] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[04/29/2007, 22:31:06] - processed file: C:\WINDOWS\system32\hggdecc.dll

[04/29/2007, 22:31:06] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[04/29/2007, 22:31:06] - Removing HKLM\...\Browser Helper Objects\{182B90A3-F372-438A-800C-6814B4DE417B}
[04/29/2007, 22:31:06] - Removing HKCR\CLSID\{182B90A3-F372-438A-800C-6814B4DE417B}
[04/29/2007, 22:31:06] - Adding Kill Bit for ActiveX for GUID: {182B90A3-F372-438A-800C-6814B4DE417B}
[04/29/2007, 22:31:06] - Deleting ATLEvents/MSEvents Registry entries
[04/29/2007, 22:31:06] - Removing HKLM\...\Winlogon\Notify\hggdecc
[04/29/2007, 22:31:06] - Searching for Browser Helper Objects:
[04/29/2007, 22:31:06] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/29/2007, 22:31:06] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/29/2007, 22:31:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:06] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/29/2007, 22:31:06] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/29/2007, 22:31:06] - BHO 3: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} (PCTools Site Guard)
[04/29/2007, 22:31:06] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/29/2007, 22:31:06] - BHO 5: {B348C2D6-1556-4552-A6E7-8D68B603C7D3} (MSEvents Object)
[04/29/2007, 22:31:06] - ALERT: Found MSEvents Object!
[04/29/2007, 22:31:06] - BHO 6: {B56A7D7D-6927-48C8-A975-17DF180C71AC} (PCTools Browser Monitor)
[04/29/2007, 22:31:06] - Finished Searching Browser Helper Objects
[04/29/2007, 22:31:06] - *** Detected MSEvents Object
[04/29/2007, 22:31:06] - Trying to remove MSEvents Object...
[04/29/2007, 22:31:07] - Terminating Process: IEXPLORE.EXE
[04/29/2007, 22:31:07] - Terminating Process: RUNDLL32.EXE
[04/29/2007, 22:31:07] - Disabling Automatic Shell Restart
[04/29/2007, 22:31:07] - Terminating Process: EXPLORER.EXE
[04/29/2007, 22:31:07] - Suspending the NT Session Manager System Service
[04/29/2007, 22:31:07] - Terminating Windows NT Logon/Logoff Manager
[04/29/2007, 22:31:07] - Re-enabling Automatic Shell Restart
[04/29/2007, 22:31:07] - File to disable: C:\WINDOWS\system32\awvvt.dll
[04/29/2007, 22:31:07] - Renaming C:\WINDOWS\system32\awvvt.dll -> C:\WINDOWS\system32\awvvt.dll.vir
[04/29/2007, 22:31:07] - ! File rename was unsucessful.
[04/29/2007, 22:31:07] - Attempting to Deny Access to C:\WINDOWS\system32\awvvt.dll
[04/29/2007, 22:31:07] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[04/29/2007, 22:31:07] - processed file: C:\WINDOWS\system32\awvvt.dll

[04/29/2007, 22:31:07] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[04/29/2007, 22:31:07] - Removing HKLM\...\Browser Helper Objects\{B348C2D6-1556-4552-A6E7-8D68B603C7D3}
[04/29/2007, 22:31:07] - Removing HKCR\CLSID\{B348C2D6-1556-4552-A6E7-8D68B603C7D3}
[04/29/2007, 22:31:07] - Adding Kill Bit for ActiveX for GUID: {B348C2D6-1556-4552-A6E7-8D68B603C7D3}
[04/29/2007, 22:31:07] - Deleting ATLEvents/MSEvents Registry entries
[04/29/2007, 22:31:07] - Removing HKLM\...\Winlogon\Notify\awvvt
[04/29/2007, 22:31:07] - Searching for Browser Helper Objects:
[04/29/2007, 22:31:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/29/2007, 22:31:07] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/29/2007, 22:31:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/29/2007, 22:31:07] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/29/2007, 22:31:07] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/29/2007, 22:31:07] - BHO 3: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} (PCTools Site Guard)
[04/29/2007, 22:31:07] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/29/2007, 22:31:07] - BHO 5: {B56A7D7D-6927-48C8-A975-17DF180C71AC} (PCTools Browser Monitor)
[04/29/2007, 22:31:07] - Finished Searching Browser Helper Objects
[04/29/2007, 22:31:07] - Finishing up...
[04/29/2007, 22:31:07] - A restart is needed.
[04/29/2007, 22:31:20] - Attempting to Restart via STOP error (Blue Screen!)
 
S

SPhoenix

New Member
Buzz1927 said:
Can you post a new Hijackthis log, cheers :)
Click to expand...

Logfile of HijackThis v1.99.1
Scan saved at 3:57:37 PM, on 4/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.COMPUTER-CC262C\Desktop\something.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe



***This is something.exe not HijackThis.exe
 
Buzz1927

Buzz1927

Digaredd
The log's clean now, how are things running?

Delete these files (if found).

C:\WINDOWS\system32\hggdecc.dll
C:\WINDOWS\system32\awvvt.dll
 
S

SPhoenix

New Member
Well, the comp itself is running ok, still not as fast as it used to, I think my drive took a beating from all of it, I'm running a lot of volume checks and everything trying to speed it up. It still takes forever for windows to startup and i've done a lot of things that would normally boost the start up. I've already tried deleting those to files but they keep coming back. I'm going to try to run killbox and delete them.
 
Buzz1927

Buzz1927

Digaredd
I don't think that other program worked properly, try this instead.

Download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Put a check next to Run VundoFix as a task.
  • You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
  • When VundoFix re-opens, click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • In case it says that nothing was been found, Right click the list box (white box) in the main VundoFix window.
  • Select “Add More Files?” from the menu that comes up. This will open a new VundoFix window.
  • In the Window: copy and paste next in the first field: C:\WINDOWS\system32\hggdecc.dll
  • Copy and paste next in the second field: C:\WINDOWS\system32\ccedggh.*
  • Click the “Add Files” button.
  • Click the "Close Window" button.
  • Click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will shutdown your computer, click OK.
  • Turn your computer back on.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
 
S

SPhoenix

New Member
This is the vundofix


VundoFix V6.3.21

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Scan started at 10:51:41 PM 4/30/2007

Listing files found while scanning....

C:\WINDOWS\system32\aefkkxda.dll
C:\WINDOWS\system32\aorgxyxd.dll
C:\WINDOWS\system32\awvtt.dll
C:\WINDOWS\system32\cbxurol.dll
C:\WINDOWS\system32\cgwoywlc.ini
C:\WINDOWS\system32\clwyowgc.dll
C:\WINDOWS\system32\cwhpxysw.dll
C:\WINDOWS\system32\detfmuyr.dll
C:\WINDOWS\system32\dkplmkkt.dll
C:\WINDOWS\system32\emfhgwys.dll
C:\WINDOWS\system32\eswffilv.ini
C:\WINDOWS\system32\fccabaw.dll
C:\WINDOWS\system32\ffkupfaf.dll
C:\WINDOWS\system32\fkuqeniw.dll
C:\WINDOWS\system32\flhxmpwo.ini
C:\WINDOWS\system32\fmimhsqi.dll
C:\WINDOWS\system32\gtktjemy.dll
C:\WINDOWS\system32\hggeeby.dll
C:\WINDOWS\system32\hrfnmyyl.dll
C:\WINDOWS\system32\hyqfedvl.dll
C:\WINDOWS\system32\igdqtynf.dll
C:\WINDOWS\system32\inkauufn.ini
C:\WINDOWS\system32\iqshmimf.ini
C:\WINDOWS\system32\jfniotst.dll
C:\WINDOWS\system32\jkkijij.dll
C:\WINDOWS\system32\kcesfsia.dll
C:\WINDOWS\system32\kilsurrc.dll
C:\WINDOWS\system32\kqfgqtfe.dll
C:\WINDOWS\system32\kvmaitam.dll
C:\WINDOWS\system32\lpjbhbrw.dll
C:\WINDOWS\system32\lvdefqyh.ini
C:\WINDOWS\system32\maeslxkm.ini
C:\WINDOWS\system32\matiamvk.ini
C:\WINDOWS\system32\mgrknohm.ini
C:\WINDOWS\system32\mhonkrgm.dll
C:\WINDOWS\system32\mkxlseam.dll
C:\WINDOWS\system32\muudwtjo.dll
C:\WINDOWS\system32\nfuuakni.dll
C:\WINDOWS\system32\nnnlmnn.dll
C:\WINDOWS\system32\owpmxhlf.dll
C:\WINDOWS\system32\oyymdtmc.dll
C:\WINDOWS\system32\pqgfqkqt.dll
C:\WINDOWS\system32\pqtss.ini
C:\WINDOWS\system32\qcyctfab.dll
C:\WINDOWS\system32\qkjudsuj.dll
C:\WINDOWS\system32\rlocrqtr.dll
C:\WINDOWS\system32\sbtqwrry.ini
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\tqkqfgqp.ini
C:\WINDOWS\system32\ttvwa.ini
C:\WINDOWS\system32\ttwxnmox.dll
C:\WINDOWS\system32\tunblaxk.dll
C:\WINDOWS\system32\uxtdotje.dll
C:\WINDOWS\system32\vliffwse.dll
C:\WINDOWS\system32\wasypsmh.dll
C:\WINDOWS\system32\winequkf.ini
C:\WINDOWS\system32\winequkf.ini2
C:\WINDOWS\system32\winequkf.tmp
C:\WINDOWS\system32\wlplfifi.dll
C:\WINDOWS\system32\wrbhbjpl.ini
C:\WINDOWS\system32\wsyxphwc.ini
C:\WINDOWS\system32\xktgykro.dll
C:\WINDOWS\system32\xomnxwtt.ini
C:\WINDOWS\system32\ybgrluip.dll
C:\WINDOWS\system32\yrrwqtbs.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\aefkkxda.dll
C:\WINDOWS\system32\aefkkxda.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\aorgxyxd.dll
C:\WINDOWS\system32\aorgxyxd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\awvtt.dll
C:\WINDOWS\system32\awvtt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxurol.dll
C:\WINDOWS\system32\cbxurol.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cgwoywlc.ini
C:\WINDOWS\system32\cgwoywlc.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\clwyowgc.dll
C:\WINDOWS\system32\clwyowgc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cwhpxysw.dll
C:\WINDOWS\system32\cwhpxysw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\detfmuyr.dll
C:\WINDOWS\system32\detfmuyr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\dkplmkkt.dll
C:\WINDOWS\system32\dkplmkkt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\emfhgwys.dll
C:\WINDOWS\system32\emfhgwys.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\eswffilv.ini
C:\WINDOWS\system32\eswffilv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccabaw.dll
C:\WINDOWS\system32\fccabaw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ffkupfaf.dll
C:\WINDOWS\system32\ffkupfaf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fkuqeniw.dll
C:\WINDOWS\system32\fkuqeniw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\flhxmpwo.ini
C:\WINDOWS\system32\flhxmpwo.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\fmimhsqi.dll
C:\WINDOWS\system32\fmimhsqi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gtktjemy.dll
C:\WINDOWS\system32\gtktjemy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hggeeby.dll
C:\WINDOWS\system32\hggeeby.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hrfnmyyl.dll
C:\WINDOWS\system32\hrfnmyyl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hyqfedvl.dll
C:\WINDOWS\system32\hyqfedvl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\igdqtynf.dll
C:\WINDOWS\system32\igdqtynf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\inkauufn.ini
C:\WINDOWS\system32\inkauufn.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\iqshmimf.ini
C:\WINDOWS\system32\iqshmimf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\jfniotst.dll
C:\WINDOWS\system32\jfniotst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jkkijij.dll
C:\WINDOWS\system32\jkkijij.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kcesfsia.dll
C:\WINDOWS\system32\kcesfsia.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kilsurrc.dll
C:\WINDOWS\system32\kilsurrc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kqfgqtfe.dll
C:\WINDOWS\system32\kqfgqtfe.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kvmaitam.dll
C:\WINDOWS\system32\kvmaitam.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lpjbhbrw.dll
C:\WINDOWS\system32\lpjbhbrw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lvdefqyh.ini
C:\WINDOWS\system32\lvdefqyh.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\maeslxkm.ini
C:\WINDOWS\system32\maeslxkm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\matiamvk.ini
C:\WINDOWS\system32\matiamvk.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\mgrknohm.ini
C:\WINDOWS\system32\mgrknohm.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\mhonkrgm.dll
C:\WINDOWS\system32\mhonkrgm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mkxlseam.dll
C:\WINDOWS\system32\mkxlseam.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\muudwtjo.dll
C:\WINDOWS\system32\muudwtjo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nfuuakni.dll
C:\WINDOWS\system32\nfuuakni.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlmnn.dll
C:\WINDOWS\system32\nnnlmnn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\owpmxhlf.dll
C:\WINDOWS\system32\owpmxhlf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oyymdtmc.dll
C:\WINDOWS\system32\oyymdtmc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqgfqkqt.dll
C:\WINDOWS\system32\pqgfqkqt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pqtss.ini
C:\WINDOWS\system32\pqtss.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\qcyctfab.dll
C:\WINDOWS\system32\qcyctfab.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qkjudsuj.dll
C:\WINDOWS\system32\qkjudsuj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlocrqtr.dll
C:\WINDOWS\system32\rlocrqtr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\sbtqwrry.ini
C:\WINDOWS\system32\sbtqwrry.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\sstqp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tqkqfgqp.ini
C:\WINDOWS\system32\tqkqfgqp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttvwa.ini
C:\WINDOWS\system32\ttvwa.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttwxnmox.dll
C:\WINDOWS\system32\ttwxnmox.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tunblaxk.dll
C:\WINDOWS\system32\tunblaxk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\uxtdotje.dll
C:\WINDOWS\system32\uxtdotje.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vliffwse.dll
C:\WINDOWS\system32\vliffwse.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wasypsmh.dll
C:\WINDOWS\system32\wasypsmh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\winequkf.ini
C:\WINDOWS\system32\winequkf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\winequkf.ini2
C:\WINDOWS\system32\winequkf.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\winequkf.tmp
C:\WINDOWS\system32\winequkf.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\wlplfifi.dll
C:\WINDOWS\system32\wlplfifi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wrbhbjpl.ini
C:\WINDOWS\system32\wrbhbjpl.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\wsyxphwc.ini
C:\WINDOWS\system32\wsyxphwc.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xktgykro.dll
C:\WINDOWS\system32\xktgykro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xomnxwtt.ini
C:\WINDOWS\system32\xomnxwtt.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ybgrluip.dll
C:\WINDOWS\system32\ybgrluip.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yrrwqtbs.dll
C:\WINDOWS\system32\yrrwqtbs.dll Has been deleted!

Performing Repairs to the registry.
Done!
 
S

SPhoenix

New Member
This is the hijackthis/something.exe

Logfile of HijackThis v1.99.1
Scan saved at 10:33:33 PM, on 5/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.COMPUTER-CC262C\Desktop\something.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
 
S

SPhoenix

New Member
Buzz1927 said:
Log looks clean now, run AVG AntiSpyware and see what turns up. Save the report it creates and post it here.
http://downloads.grisoft.cz/softw/70/filedir/inst/avgas-setup-7.5.0.50.exe
Click to expand...

Okay, the first time i ran it, it hit a problem and stopped, the second time it ran fine. Here's a log of the second time.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:58:19 PM 5/5/2007

+ Scan result:



C:\Documents and Settings\Owner.COMPUTER-CC262C\Desktop\backups\backup-20070427-230758-285.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\etdjiaoh.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\keaqvnmj.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\nytlelyw.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\odgbdwem.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\tsyoyohn.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\uoolnedr.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\uswdofuo.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\vpramgyo.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\yjcxifse.dll -> Adware.BHO : Ignored.
C:\WINDOWS\system32\ytdgwxoh.dll -> Adware.BHO : Ignored.
HKU\S-1-5-21-73586283-1580818891-725345543-1005\Software\ADV -> Adware.Generic : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\b122.exe -> Adware.Softomate : Ignored.
C:\Program Files\Common Files\{D0EEFE3E-0CE0-1033-0627-050602040001}\Update.exe -> Adware.Softomate : Ignored.
C:\Program Files\Common Files\{D0EEFE3E-0CE0-1033-0627-050602040001}\system.dll -> Adware.Softomate : Ignored.
C:\RECYCLER\S-1-5-18\Dc1\Update.exe~ -> Adware.Softomate : Ignored.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\kkfapsmr.dll -> Adware.Virtumonde : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\b129.exe -> Adware.WebHancer : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\win1D.tmp.exe -> Downloader.Agent.bdr : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\win22.tmp.exe -> Downloader.Agent.bgn : Ignored.
C:\VundoFix Backups\fccabaw.dll.bad -> Downloader.NF : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\b128.exe -> Downloader.PurityScan.eh : Ignored.
C:\WINDOWS\system32\v6.exe~ -> Hijacker.Agent.jb : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\win19.tmp.exe -> Logger.Agent.or : Ignored.
:mozilla.154:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.247realmedia : Ignored.
:mozilla.141:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.142:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.143:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.144:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.145:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.146:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.147:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.15:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.16:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.258:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.259:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.156:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.157:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.333:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.334:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.6:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.7:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.159:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Adengage : Ignored.
:mozilla.8:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Adtech : Ignored.
:mozilla.9:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Adtech : Ignored.
:mozilla.83:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.84:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.85:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.86:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Advertising : Ignored.
:mozilla.87:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Advertising : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Cookies\owner@advertising[1].txt -> TrackingCookie.Advertising : Ignored.
:mozilla.98:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Cookies\owner@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored.
:mozilla.94:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.95:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.96:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.97:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Ignored.
:mozilla.397:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Burstbeacon : Ignored.
:mozilla.180:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.181:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.398:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.128:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.129:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.130:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.131:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.363:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Clickhype : Ignored.
:mozilla.188:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Com : Ignored.
:mozilla.33:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Cqcounter : Ignored.
:mozilla.359:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Cqcounter : Ignored.
:mozilla.12:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies.txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.63:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored.
:mozilla.92:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.93:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.13:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Falkag : Ignored.
:mozilla.14:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Falkag : Ignored.
:mozilla.403:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Googleadservices : Ignored.
:mozilla.239:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Hotlog : Ignored.
:mozilla.49:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Mediaplex : Ignored.
:mozilla.332:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Netflame : Ignored.
:mozilla.275:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Overture : Ignored.
:mozilla.163:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.164:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.165:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.166:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.167:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Pointroll : Ignored.
:mozilla.292:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.293:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.294:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Questionmarket : Ignored.
:mozilla.315:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.316:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Realmedia : Ignored.
:mozilla.100:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.101:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.102:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.103:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.104:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.105:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.106:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.13:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.14:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies.txt -> TrackingCookie.Revsci : Ignored.
:mozilla.99:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Revsci : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Cookies\owner@revsci[1].txt -> TrackingCookie.Revsci : Ignored.
:mozilla.211:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.212:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.213:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.214:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.215:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Ru4 : Ignored.
:mozilla.120:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.121:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.122:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.123:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.124:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.125:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.126:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.127:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.343:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.344:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Valueclick : Ignored.
:mozilla.387:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Webtrends : Ignored.
:mozilla.34:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.35:C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\59fgmy5e.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.37:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.38:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.39:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.40:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.41:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.42:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.43:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.44:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.46:C:\Documents and Settings\Owner.COMPUTER-CC262C\Application Data\Mozilla\Firefox\Profiles\u4jk0t8w.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Ignored.
C:\System Volume Information\_restore{6904CA45-A8A8-493E-95D0-32EE0D5D1AEC}\RP18\A0006817.dll -> Trojan.Agent.acl : Ignored.
C:\WINDOWS\system32\out.dll -> Trojan.Agent.adl : Ignored.
C:\WINDOWS\system32\drvluk.dll -> Trojan.Agent.qt : Ignored.
C:\Documents and Settings\Owner.COMPUTER-CC262C\Local Settings\Temp\qvwjraeq.dll -> Trojan.BHO.g : Ignored.


::Report end
 
Buzz1927

Buzz1927

Digaredd
The report says you ignored everything, did you delete them (there's 2 times when you can save the report, does my head in!).
 
You must log in or register to reply here.
Top