1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

computer problems plz help

Discussion in 'Windows - Virus and spyware problems' started by redhouse, Oct 6, 2006.

Page 1 of 3
  1. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    my computer has gotting very slow just in a day i dont know whats worng with it. it takes at least 5 min to start up rather than just a min. the cpu usage is allways high about 90-100 and sound effects are lagy and so is mouse. i used nod32 antivirus system to do a full system cheeck and spydoctor and nothing showed up. also i keep getting a msg box that says

    "data execution prevention-microsoft windows
    to help protect your computer, windows has closed this program.
    name: Windows Explorer
    Publisher: Microsoft corporation"

    and the only buttion i can choose is close message
    what should i do to fix this problem
    sorry for grammer errors and other stuff
    thanks in advance
     
    redhouse, Oct 6, 2006
    #1
  2. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Hello redhouse,

    Download HijackThis.
    Create a folder in C: named HjT.
    Extract the file to the new folder.
    Open HijackThis.exe.
    Click "Do a system scan and save a log file".
    Post that log file in you next reply.
     
    Niobis, Oct 6, 2006
    #2
  3. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    Logfile of HijackThis v1.99.1
    Scan saved at 3:01:09 AM, on 10/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\LClock\LClock.exe
    C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Diablo II\Game.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\John\Desktop\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {400741D2-9379-42DD-BED9-D7DBF9185DFC} - C:\WINDOWS\awvectp.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Documents and Settings\John\Desktop\Spyware Doctor\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINDOWS\system32\oobrynyo.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PSPHost] "C:\Program Files\PSPHost\PSPHost.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
    O16 - DPF: {554F4AD7-8432-4F08-F306-650E5F1558DA} - http://85.255.113.214/1/gdnUS2339.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159216013454
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159215978798
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2405.exe
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - Winlogon Notify: awvectp - C:\WINDOWS\awvectp.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: File Security Kernel Anti-Spyware Driver (ikhfile) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhfile.sys
    O23 - Service: Kernel Anti-Spyware Driver (ikhlayer) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhlayer.sys
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Documents and Settings\John\Desktop\Spyware Doctor\SDhelper.exe (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe





    is this what your looking for thanks 4 quick reply
     
    redhouse, Oct 6, 2006
    #3
  4. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Yes, thank you.

    Download VundoFix to your desktop.

    Double-click VundoFix.exe to run it.
    Click the Scan for Vundo button.
    Once it's done scanning, click the Remove Vundo button.
    You will receive a prompt asking if you want to remove the files, click YES
    Once you click yes, your desktop will go blank as it starts removing Vundo.
    When completed, it will prompt that it will reboot your computer, click OK.

    Note: It is possible that VundoFix encountered a file it could not remove.
    In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

    Go here to download the trial version of AVG Anti-spyware.

    Install and update.
    Restart your computer in safe mode(press F8 upon boot, select "Safe Mode" from menu and press Enter).
    Open AVG AS and click "Scanner".
    Click "Complete System Scan".
    When it finishes scanning, set all items to "Quarantine".
    Click "Apply All Actions".
    Click "Save Report".
    Click "Save report as" and save it to the desktop.

    Post the contents of C:\vundofix.txt, the AVG report and a new HijackThis log.
     
    Last edited: Oct 6, 2006
    Niobis, Oct 6, 2006
    #4
  5. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26

    VundoFix V6.2.0

    Checking Java version...

    Java version is 1.5.0.6

    Scan started at 3:41:08 AM 10/7/2006

    Listing files found while scanning....

    C:\WINDOWS\system32\nxuxjkwa.dll
    C:\WINDOWS\system32\tnvafhyc.dll
    C:\WINDOWS\system32\wyjtkqqi.dll
    C:\WINDOWS\system32\hivvkfyv.exe
    C:\WINDOWS\awvectp.dll
    C:\WINDOWS\ptcevwa.ini
    C:\WINDOWS\ptcevwa.bak1
    C:\WINDOWS\ptcevwa.ini2
    C:\WINDOWS\ptcevwa.tmp

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\nxuxjkwa.dll
    C:\WINDOWS\system32\nxuxjkwa.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\tnvafhyc.dll
    C:\WINDOWS\system32\tnvafhyc.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\wyjtkqqi.dll
    C:\WINDOWS\system32\wyjtkqqi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\hivvkfyv.exe
    C:\WINDOWS\system32\hivvkfyv.exe Has been deleted!

    Attempting to delete C:\WINDOWS\awvectp.dll
    C:\WINDOWS\awvectp.dll Could not be deleted.

    Attempting to delete C:\WINDOWS\ptcevwa.ini
    C:\WINDOWS\ptcevwa.ini Has been deleted!

    Attempting to delete C:\WINDOWS\ptcevwa.bak1
    C:\WINDOWS\ptcevwa.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\ptcevwa.ini2
    C:\WINDOWS\ptcevwa.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\ptcevwa.tmp
    C:\WINDOWS\ptcevwa.tmp Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\awvectp.dll
    C:\WINDOWS\awvectp.dll Has been deleted!

    Performing Repairs to the registry.
    Done!
    this is the C:\vundofix.txt




    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 8:28:39 PM 10/7/2006

    + Scan result:



    HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Events\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
    C:\Documents and Settings\John\Local Settings\Temporary Internet Files\Content.IE5\CPIV41UB\c[1].htm -> Hijacker.Linker.b : Cleaned with backup (quarantined).
    C:\VundoFix Backups\nxuxjkwa.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\tnvafhyc.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\VundoFix Backups\wyjtkqqi.dll.bad -> Logger.VBStat.e : Cleaned with backup (quarantined).
    C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned with backup (quarantined).
    C:\Documents and Settings\John\Local Settings\Temporary Internet Files\Content.IE5\8PHGFQFY\SysProtectScannerInstall[1].cab/USYP_0002_N91M1708NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
    C:\Documents and Settings\John\Local Settings\Temporary Internet Files\Content.IE5\8PHGFQFY\WinAntiVirusPro2006FreeInstall[1].cab/UWA6P_0001_N91M1807NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
    C:\Program Files\ESET\infected\OBSEEHAA.NQF -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
    :mozilla.258:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.259:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.261:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.262:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.264:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.265:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Owner\Cookies\owner@cneteurope.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    C:\Documents and Settings\Owner\Cookies\owner@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.127:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.140:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.212:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.269:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.284:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.370:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.494:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.496:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.620:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.654:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.670:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.70:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.71:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.72:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.74:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.75:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    C:\Documents and Settings\John\Cookies\john@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.189:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
    C:\Documents and Settings\John\Cookies\john@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.222:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.223:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.224:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.225:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.226:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    C:\Documents and Settings\John\Cookies\john@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.19:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.63:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    C:\Documents and Settings\John\Cookies\john@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.33:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
    :mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.32:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.34:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.139:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.173:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
    :mozilla.174:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
    :mozilla.562:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
    :mozilla.399:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.153:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\Owner\Cookies\owner@com[1].txt -> TrackingCookie.Com : Cleaned.
    C:\Documents and Settings\John\Cookies\john@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
    :mozilla.26:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.43:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\John\Cookies\john@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.336:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.337:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.338:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    C:\Documents and Settings\John\Cookies\john@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.65:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.66:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.17:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.18:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
    :mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.384:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.61:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.378:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.379:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
    :mozilla.36:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
    :mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.134:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.21:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.22:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.23:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.147:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.186:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.187:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.188:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
    :mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.182:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.183:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.184:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.111:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.112:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.113:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.114:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.161:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.162:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.163:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.559:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.560:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    C:\Documents and Settings\John\Cookies\john@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
    :mozilla.393:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.394:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.141:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.142:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.143:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.167:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.185:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.30:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.38:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.610:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\John\Cookies\john@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\John\Cookies\john@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\John\Cookies\john@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
    C:\Documents and Settings\John\Cookies\john@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.415:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.220:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.221:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.44:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.45:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.46:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.47:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.48:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.49:C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.201:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.202:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.203:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.204:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.205:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.206:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.428:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.39:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    C:\Documents and Settings\John\Cookies\john@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.333:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.334:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.335:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    C:\WINDOWS\system32\oobrynyo.dll -> Trojan.BHO.g : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).


    ::Report end

    this is AVG Anti Spyware report




    Logfile of HijackThis v1.99.1
    Scan saved at 8:30:25 PM, on 10/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\John\Desktop\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {400741D2-9379-42DD-BED9-D7DBF9185DFC} - C:\WINDOWS\awvectp.dll (file missing)
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Documents and Settings\John\Desktop\Spyware Doctor\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINDOWS\system32\oobrynyo.dll (file missing)
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PSPHost] "C:\Program Files\PSPHost\PSPHost.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
    O16 - DPF: {554F4AD7-8432-4F08-F306-650E5F1558DA} - http://85.255.113.214/1/gdnUS2339.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159216013454
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159215978798
    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2405.exe
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: File Security Kernel Anti-Spyware Driver (ikhfile) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhfile.sys
    O23 - Service: Kernel Anti-Spyware Driver (ikhlayer) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhlayer.sys
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Documents and Settings\John\Desktop\Spyware Doctor\SDhelper.exe (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    this is hijackthis log






     
    redhouse, Oct 7, 2006
    #5
  6. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    HijackThis was run in safe mode, next log please run the scan in normal mode.

    Go here and download CWShredder.
    Open cwshredder.exe
    Click "Scan only".
    If anything is found, click "Fix ->"
    If nothing is found, click "Next"
    Exit CWShredder.

    If you did not install VSToolBar go to Add/Remove Programs and uninstall it.
    Then delete the folder: C:\Program Files\[bold]VSToolBar[/bold]

    Run a scan only with HijackThis, check these(if there):

    [bold]R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3...ilion&pf=laptop

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: (no name) - {400741D2-9379-42DD-BED9-D7DBF9185DFC} - C:\WINDOWS\awvectp.dll (file missing)

    O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINDOWS\system32\oobrynyo.dll (file missing)

    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

    O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Program Files\VSToolbar\VSToolBar.dll [/bold] Only if you uninstalled VSToolBar.

    [bold]O16 - DPF: {554F4AD7-8432-4F08-F306-650E5F1558DA} - http://85.255.113.214/1/gdnUS2339.exe

    O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2405.exe [/bold]

    Close all windows except HijackThis, then click "Fix checked".

    Then, go here and download [bold]ATF Cleaner[/bold].

    Open AFT Cleaner.
    Check "Select All".
    Click "Empty Selected".

    Restart and post a new HijackThis log.

    How are things?
     
    Niobis, Oct 7, 2006
    #6
  7. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    Logfile of HijackThis v1.99.1
    Scan saved at 9:54:31 PM, on 10/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\ehome\ehtray.exe
    c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\LClock\LClock.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\John\Desktop\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Documents and Settings\John\Desktop\Spyware Doctor\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [D_V_T] C:\\dvt.exe /S \C:\\d_v_t.reg\
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PSPHost] "C:\Program Files\PSPHost\PSPHost.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\DOCUME~1\John\Desktop\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159216013454
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159215978798
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: File Security Kernel Anti-Spyware Driver (ikhfile) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhfile.sys
    O23 - Service: Kernel Anti-Spyware Driver (ikhlayer) - PCTools Research Pty Ltd. - C:\Documents and Settings\John\Desktop\Spyware Doctor\ikhlayer.sys
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Documents and Settings\John\Desktop\Spyware Doctor\SDhelper.exe (file missing)
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe


    still the same and very high cpu usage
     
    redhouse, Oct 7, 2006
    #7
  8. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Hmm, your log is clean now.

    Press Ctrl+Alt+Del > Processes tab. What program is using a high CPU and memory usage?

    Go here and run Kaspersky Online Scanner.
    Accept the terms.
    After downloading, click "My Computer".
    After scanning, click "Save report as".
    Save as a text file and post it here.
     
    Niobis, Oct 7, 2006
    #8
  9. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    its hard to tell what is high.
    its just not the same as before this happen
    i can see a little improvements like mouse it not skipping around the screen when i move it
    but i can tell its not the same because when i try to play a computer games it skips stops lag
    and it used to play perfict before
    when i try to play a movie it skips and repits and frame rate is realy bad not like before
    also stupid things take up the cpu like refreshing a webpage
    extracting things from winrar
    and other small things that shouldent take up all the cpu

    i cant run Kaspersky Online Scanner dont know y. when i try to click accept it doesent do anything
     
    Last edited: Oct 7, 2006
    redhouse, Oct 7, 2006
    #9
  10. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Go here and run ActiveScan. When it finishes, save the resutls and post them.
     
    Niobis, Oct 7, 2006
    #10
  11. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26

    Incident Status Location

    Adware:Adware/Lop Not disinfected C:\Documents and Settings\John\Application Data\ezpinst.exe
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.fastclick.net/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.fastclick.net/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.doubleclick.net/]
    Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.ccbill.com/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.as-eu.falkag.net/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.mediaplex.com/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.overture.com/]
    Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[searchportal.information.com/]
    Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\qmfvp0jj.default\cookies.txt[.toplist.cz/]
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt[.cdfreaks.com/]
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt[.club.cdfreaks.com/]
    Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b2mq7mig.default\cookies.txt[.fortunecity.com/]
     
    redhouse, Oct 8, 2006
    #11
  12. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Open HijackThis.
    Click "Open the Misc Tools section"
    Click "Generate StartupList log.
    Click Yes.
    Post that log.
     
    Niobis, Oct 8, 2006
    #12
  13. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    StartupList report, 10/8/2006, 11:47:07 PM
    StartupList version: 1.52.2
    Started from : C:\Documents and Settings\John\Desktop\HijackThis_v1.99.1.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v7.00 (7.00.5450.0004)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
    C:\Program Files\LClock\LClock.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Diablo II\Game.exe
    C:\Documents and Settings\John\Desktop\HijackThis_v1.99.1.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Bluetooth.lnk = ?
    HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ehTray = C:\WINDOWS\ehome\ehtray.exe
    ATIPTA = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Default) =
    QPService = "C:\Program Files\HP\QuickPlay\QPService.exe"
    eabconfg.cpl = C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    RecGuard = C:\Windows\SMINST\RecGuard.exe
    hpWirelessAssistant = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe
    D_V_T = C:\\dvt.exe /S \C:\\d_v_t.reg\
    HP Software Update = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    LClock = C:\Program Files\LClock\LClock.exe
    SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    HostManager = C:\Program Files\Common Files\AOL\1159844513\ee\AOLSoftware.exe
    IPHSend = C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
    MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - (no file) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
    (no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    (no name) - (no file) - {B56A7D7D-6927-48C8-A975-17DF180C71AC}

    --------------------------------------------------

    Enumerating Download Program Files:

    [WUWebControl Class]
    InProcServer32 = C:\WINDOWS\system32\wuweb.dll
    CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159216013454

    [MUWebControl Class]
    InProcServer32 = C:\WINDOWS\system32\muweb.dll
    CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159215978798

    [ActiveScan Installer Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
    CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll
    WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

    --------------------------------------------------
    End of report, 7,062 bytes
    Report generated in 0.047 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
    redhouse, Oct 8, 2006
    #13
  14. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Show hidden files and folders.
    Control Panel > Folder Options > View tab > check "show hidden files and folders".

    Delete this file:
    C:\Documents and Settings\John\Application Data\[bold]ezpinst.exe[/bold]

    If access is denied delete it in safe mode.

    Run ATF Cleaner to clean cookies. Click Firefox from menu.

    Restart.

    Still high CPU usage?
     
    Niobis, Oct 8, 2006
    #14
  15. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    yep
     
    redhouse, Oct 9, 2006
    #15
  16. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Damn. I hate to send you to run another online scan, but can you run Kaspersky Online Scan now? Be sure to use Internet Explorer.
     
    Niobis, Oct 9, 2006
    #16
  17. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    Damn. I hate to send you to run another online scan, but can you run Kaspersky Online Scan now? Be sure to use Internet Explorer.

    i feel u. i appresiate all you have done for me and with all the time and help. ill do anyhting to fix this stupid problem excepet restore the computer because i have been done that road a couple times and its not pretty. also i cant any more because i dont have dics.

    when i go here http://www.kaspersky.com/virusscanner and on ie7 i think

    then i click on kaspersky online scanner i get this to this screen http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

    when i hit accept iam asked to install activex. and i hit install and i get this link and i dont know what to do then
    http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html



     
    Last edited: Oct 9, 2006
    redhouse, Oct 9, 2006
    #17
  18. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Niobis, Oct 9, 2006
    #18
  19. redhouse

    redhouse Regular member

    Joined:
    Apr 21, 2006
    Messages:
    121
    Likes Received:
    0
    Trophy Points:
    26
    it said it found 8 viruses and deleted them and so many infected files i forgot to save the report for it is there any way i can get it back and show u
     
    Last edited: Oct 10, 2006
    redhouse, Oct 10, 2006
    #19
  20. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Nah, you'd have to run it again, and they wouldn't be there. Do you remember any names?

    How are things now? Internet working in normal mode?

    Post a new HijackThislog.
     
    Niobis, Oct 10, 2006
    #20
Page 1 of 3

Share This Page