We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Probs with www.007guard.com.... HELP!!!!!!!!!
Comments
-
127.0.0.1 f0.thezirius.com
127.0.0.1 f1.thezirius.com
127.0.0.1 f2.thezirius.com
127.0.0.1 f3.thezirius.com
127.0.0.1 f4.thezirius.com
127.0.0.1 f5.thezirius.com
127.0.0.1 f6.thezirius.com
127.0.0.1 f7.thezirius.com
127.0.0.1 f8.thezirius.com
127.0.0.1 f9.thezirius.com
127.0.0.1 finditquick.com
127.0.0.1 www.finditquick.com
127.0.0.1 iwantsearch.net
127.0.0.1 www.iwantsearch.net
127.0.0.1 lskdfjlerjvm.com
127.0.0.1 www.lskdfjlerjvm.com
127.0.0.1 new3sh.net
127.0.0.1 www.new3sh.net
127.0.0.1 partner.finditquick.com
127.0.0.1 popunder.adsrevenue.net
127.0.0.1 rsztriv-aaqada.com
127.0.0.1 www.rsztriv-aaqada.com
127.0.0.1 s0.thezirius.com
127.0.0.1 s1.thezirius.com
127.0.0.1 s2.thezirius.com
127.0.0.1 s2fnew.com
127.0.0.1 www.s2fnew.com
127.0.0.1 s3.thezirius.com
127.0.0.1 s4.thezirius.com
127.0.0.1 s5.thezirius.com
127.0.0.1 s6.thezirius.com
127.0.0.1 s7.thezirius.com
127.0.0.1 s8.thezirius.com
127.0.0.1 s9.thezirius.com
127.0.0.1 searchmeup.biz
127.0.0.1 www.searchmeup.biz
127.0.0.1 search-true.com
127.0.0.1 www.search-true.com
127.0.0.1 setup.theoreon.com
127.0.0.1 www.smart-security.biz
127.0.0.1 theoreon.com
127.0.0.1 www.theoreon.com
127.0.0.1 thezirius.com
127.0.0.1 www.thezirius.com
127.0.0.1 topportalsite.org
127.0.0.1 www.topportalsite.org
127.0.0.1 ueornaaqada.com
127.0.0.1 www.ueornaaqada.com
127.0.0.1 ueorn-rsztriv.com
127.0.0.1 www.ueorn-rsztriv.com
127.0.0.1 ueorn-vtvcp.com
127.0.0.1 www.ueorn-vtvcp.com
127.0.0.1 ueornygco.com
127.0.0.1 www.ueornygco.com
127.0.0.1 ueornymct.com
127.0.0.1 www.ueornymct.com
127.0.0.1 vtvcp-ueorn.com
127.0.0.1 www.vtvcp-ueorn.com
127.0.0.1 vtvcp-ymct.com
127.0.0.1 www.vtvcp-ymct.com
127.0.0.1 ygcoueorn.com
127.0.0.1 www.ygcoueorn.com
127.0.0.1 ygcovtvcp.com
127.0.0.1 www.ygcovtvcp.com
127.0.0.1 ymctaaqada.com
127.0.0.1 www.ymctaaqada.com
127.0.0.1 ymct-aaqada.com
127.0.0.1 www.ymct-aaqada.com
127.0.0.1 youniyouwo.com
127.0.0.1 www.youniyouwo.com
127.0.0.1 livetds.com
127.0.0.1 www.livetds.com
127.0.0.1 xyzsolution.com
127.0.0.1 www.xyzsolution.com
127.0.0.1 abcdperformance.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 codechot.net
127.0.0.1 www.codechot.net
127.0.0.1 ataprogram.com
127.0.0.1 www.ataprogram.com
127.0.0.1 codecdvi.com
127.0.0.1 www.codecdvi.com
127.0.0.1 codecnice.net
127.0.0.1 www.codecnice.net
127.0.0.1 codecpretty.net
127.0.0.1 www.codecpretty.net
127.0.0.1 dapsolution.com
127.0.0.1 www.dapsolution.com
127.0.0.1 flycodecs.com
127.0.0.1 www.flycodecs.com
127.0.0.1 pmffprogram.com
127.0.0.1 www.pmffprogram.com
127.0.0.1 shockbabetv.com
127.0.0.1 www.shockbabetv.com
127.0.0.1 bestdailyvids.com
127.0.0.1 www.bestdailyvids.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 oinadserver.com
127.0.0.1 www.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 outerinfoads.com
127.0.0.1 www.outerinfoads.com
127.0.0.1 campaigns.outerinfo.net
127.0.0.1 fp.outerinfo.net
127.0.0.1 nf.outerinfo.net
127.0.0.1 outerinfo.net
127.0.0.1 www.outerinfo.net
127.0.0.1 shareaza.com
127.0.0.1 www.shareaza.com
127.0.0.1 avsmanufacture.com
127.0.0.1 www.avsmanufacture.com
127.0.0.1 codecmeg.net
127.0.0.1 www.codecmeg.net
127.0.0.1 codecmpg.com
127.0.0.1 www.codecmpg.com
127.0.0.1 codecops.net
127.0.0.1 www.codecops.net
127.0.0.1 codecultra.net
127.0.0.1 www.codecultra.net
127.0.0.1 mymetavids.com
127.0.0.1 www.mymetavids.com
127.0.0.1 sysprocedure.com
127.0.0.1 www.sysprocedure.com
127.0.0.1 uc8010.com
127.0.0.1 www.uc8010.com
127.0.0.1 ucmal.com
127.0.0.1 www.ucmal.com
127.0.0.1 antispywareboot.com
127.0.0.1 www.antispywareboot.com
127.0.0.1 spybotcom.com
127.0.0.1 www.spybotcom.com
127.0.0.1 awarenesstech.com
127.0.0.1 www.awarenesstech.com
127.0.0.1 amigobore.com
127.0.0.1 www.amigobore.com
127.0.0.1 bkvcompany.com
127.0.0.1 www.bkvcompany.com
127.0.0.1 codecbsplay.com
127.0.0.1 www.codecbsplay.com
127.0.0.1 codecpro.net
127.0.0.1 www.codecpro.net
127.0.0.1 codecviva.com
127.0.0.1 www.codecviva.com
127.0.0.1 codeczang.net
127.0.0.1 www.codeczang.net
127.0.0.1 mvvproduction.com
127.0.0.1 www.mvvproduction.com
127.0.0.1 siiprogram.com
127.0.0.1 www.siiprogram.com
127.0.0.1 sisperformance.com
127.0.0.1 www.sisperformance.com
127.0.0.1 katasearch.com
127.0.0.1 www.katasearch.com
127.0.0.1 preferiti-windows.com
127.0.0.1 www.preferiti-windows.com
127.0.0.1 tuttoavolonta.com
127.0.0.1 www.tuttoavolonta.com
127.0.0.1 archivioadulti.com
127.0.0.1 www.archivioadulti.com
127.0.0.1 qoogler.com
127.0.0.1 www.qoogler.com
127.0.0.1 asafetyalways.com
127.0.0.1 www.asafetyalways.com
127.0.0.1 garfirm.com
127.0.0.1 www.garfirm.com
127.0.0.1 mymysticporn.com
127.0.0.1 www.mymysticporn.com
127.0.0.1 somenude!!!!.com
127.0.0.1 www.somenude!!!!.com
127.0.0.1 spybot-free.com
127.0.0.1 www.spybot-free.com
127.0.0.1 stable2.com
127.0.0.1 www.stable2.com
127.0.0.1 tuvcompany.com
127.0.0.1 www.errorsweeper.com
127.0.0.1 errorsweeper.com
127.0.0.1 www.hqcodectime.net
127.0.0.1 hqcodectime.net
127.0.0.1 www.pcprivacytool.com
127.0.0.1 pcprivacytool.com
127.0.0.1 www.qazcodec.net
127.0.0.1 qazcodec.net
127.0.0.1 www.www-spybotcom.com
127.0.0.1 www-spybotcom.com
127.0.0.1 www.www-SpywareBot.org
127.0.0.1 www-SpywareBot.org
127.0.0.1 www.tuvcompany.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 adintelligence.net
127.0.0.1 www.adintelligence.net
127.0.0.1 www.adware.pro
127.0.0.1 adware.pro
127.0.0.1 adwarealert.com
127.0.0.1 www.adwarealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 allcollisions.com
127.0.0.1 www.allcollisions.com
127.0.0.1 blackcodec.com
127.0.0.1 www.blackcodec.com
127.0.0.1 codecmoon.com
127.0.0.1 www.codecmoon.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecplay.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 download.adintelligence.net
127.0.0.1 encodeinstrument.com
127.0.0.1 www.encodeinstrument.com
127.0.0.1 errorsmart.com
127.0.0.1 www.errorsmart.com
127.0.0.1 evidenceeraser.com
127.0.0.1 www.evidenceeraser.com
127.0.0.1 explorertool.net
127.0.0.1 www.explorertool.net
127.0.0.1 fapparatus.com
127.0.0.1 www.fapparatus.com
127.0.0.1 fastmediaservice.com
127.0.0.1 www.fastmediaservice.com
127.0.0.1 firecodec.com
127.0.0.1 www.firecodec.com
127.0.0.1 www.free-pc-repair.com
127.0.0.1 free-pc-repair.com
127.0.0.1 free-registrysmart.com
127.0.0.1 www.free-registrysmart.com
127.0.0.1 www.gasan.ru
127.0.0.1 gasan.ru
127.0.0.1 gicoupler.com
127.0.0.1 www.gicoupler.com
127.0.0.1 hotlinkfiles.com
127.0.0.1 www.hotlinkfiles.com
127.0.0.1 hqcodecvip.com
127.0.0.1 www.hqcodecvip.com
127.0.0.1 www.movstube.com
127.0.0.1 movstube.com
127.0.0.1 nitrocodec.com
127.0.0.1 www.nitrocodec.com
127.0.0.1 photorepositary.com
127.0.0.1 www.photorepositary.com
127.0.0.1 www.picturesbomb.com
127.0.0.1 picturesbomb.com
127.0.0.1 pornwizardry.com
127.0.0.1 www.pornwizardry.com
127.0.0.1 privacycontrol.com
127.0.0.1 www.privacycontrol.com
127.0.0.1 privacycontrols.com
127.0.0.1 www.privacycontrols.com
127.0.0.1 www.privacytower.com
127.0.0.1 privacytower.com
127.0.0.1 pvgadget.com
127.0.0.1 www.pvgadget.com
127.0.0.1 regclean.com
127.0.0.1 www.regclean.com
127.0.0.1 www.regrecall.com
127.0.0.1 regrecall.com
127.0.0.1 www.regsweep.com
127.0.0.1 regsweep.com
127.0.0.1 www.remover.org
127.0.0.1 remover.org
127.0.0.1 www.restore-pc.com
127.0.0.1 restore-pc.com
127.0.0.1 rockingmovs.com
127.0.0.1 www.rockingmovs.com
127.0.0.1 search-and-destroy.com
127.0.0.1 www.search-and-destroy.com
127.0.0.1 spacecodec.com
127.0.0.1 www.spacecodec.com
127.0.0.1 www.spywareremover.com
127.0.0.1 spywareremover.com
127.0.0.1 www.starzvideos.net
127.0.0.1 starzvideos.net
127.0.0.1 www.turbocodec.com
127.0.0.1 turbocodec.com
127.0.0.1 tw7890.com
127.0.0.1 www.tw7890.com
127.0.0.1 update.shareaza.com
127.0.0.1 videoadaptation.com
127.0.0.1 www.videoadaptation.com
127.0.0.1 www.viewdevice.com
127.0.0.1 viewdevice.com
127.0.0.1 viewutility.com
127.0.0.1 www.viewutility.com
127.0.0.1 www.vipcodecvip.com
127.0.0.1 vipcodecvip.com
127.0.0.1 www.virusheat.com
127.0.0.1 virusheat.com
127.0.0.1 websoft-a.com
127.0.0.1 www.websoft-a.com
127.0.0.1 ynotube.com
127.0.0.1 www.ynotube.com
127.0.0.1 www.ad25.com
127.0.0.1 www.ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 www.dvd-codec.com
127.0.0.1 dvd-codec.com
127.0.0.1 www.mega-downloads.net
127.0.0.1 mega-downloads.net
127.0.0.1 www.reliablestats.com
127.0.0.1 reliablestats.com
127.0.0.1 www.safenavweb.com
127.0.0.1 safenavweb.com
127.0.0.1 spybotsearchudestroy.mega-downloads.net
127.0.0.1 www.spywareisolator.com
127.0.0.1 spywareisolator.com
127.0.0.1 www.spywarestop.com
127.0.0.1 spywarestop.com
127.0.0.1 www.websoftcodecdriver.com
127.0.0.1 websoftcodecdriver.com
127.0.0.1 www.websoftcodecdriver2.com
127.0.0.1 websoftcodecdriver2.com
127.0.0.1 www.winxpspeedup.com
127.0.0.1 winxpspeedup.com
127.0.0.1 www.x-webdesign.com
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\!!3FC3CF53-170B-4856-BDCD-4F65FAA7EC55}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\!!3FC3CF53-170B-4856-BDCD-4F65FAA7EC55}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\!!3FC3CF53-170B-4856-BDCD-4F65FAA7EC55}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» EndUse your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0 -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:11:20, on 25/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - !!163D9676-810E-11DC-8314-0800200C9A66} - (no file)
O2 - BHO: (no name) - !!4A54500A-65FE-4F4A-B860-20EAE2F577F9} - (no file)
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: ie-improver - {C83829DC-9A95-4923-9833-060CF209A1BF} - C:\Program Files\SystemApp\ie-improver1.dll
O2 - BHO: (no name) - {CF7B59C7-6A1C-4FB7-AFAF-36B0309F8D6D} - (no file)
O2 - BHO: (no name) - {E54F68E8-2B1E-4E32-A147-8A653AC94337} - (no file)
O3 - Toolbar: &Google - !!2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [MSF_Monitor] C:\PROGRA~1\MYSECR~1\MSFMON.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - !!4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - !!4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: !!17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: !!30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: !!4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: !!56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2109677eade4c6dc5518/netzip/RdxIE601.cab
O16 - DPF: !!5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: !!6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192444844968
O16 - DPF: !!6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1192444754217
O16 - DPF: !!6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://adobe.kodakgallery.co.uk/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: !!7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cathynmonboysnfriends.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: xxyvwwv - xxyvwwv.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
--
End of file - 8276 bytes
bUse your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0 -
looking at the first log, have you ever used spybots hosts file ??Ex forum ambassador
Long term forum member0 -
looking at the first log, have you ever used spybots hosts file ??
ermmmmmmmmmmmmmmmmmmmm maybe in the past (i think)
Use your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0 -
fix these in hijackthis
O2 - BHO: (no name) - !!163D9676-810E-11DC-8314-0800200C9A66} - (no file)
O2 - BHO: (no name) - !!4A54500A-65FE-4F4A-B860-20EAE2F577F9} - (no file)
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ie-improver - {C83829DC-9A95-4923-9833-060CF209A1BF} - C:\Program Files\SystemApp\ie-improver1.dll
O2 - BHO: (no name) - {CF7B59C7-6A1C-4FB7-AFAF-36B0309F8D6D} - (no file)
O2 - BHO: (no name) - {E54F68E8-2B1E-4E32-A147-8A653AC94337} - (no file)
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: xxyvwwv - xxyvwwv.dll (file missing)Ex forum ambassador
Long term forum member0 -
ermmmmmmmmmmmmmmmmmmmm maybe in the past (i think)
explains all those entries
download and run
www.superantispyware.com
the free version on the blue download button
Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click the SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me (will take about 30-40 minutes to run )Ex forum ambassador
Long term forum member0 -
fix these in hijackthis
O2 - BHO: (no name) - !!163D9676-810E-11DC-8314-0800200C9A66} - (no file)
O2 - BHO: (no name) - !!4A54500A-65FE-4F4A-B860-20EAE2F577F9} - (no file)
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ie-improver - {C83829DC-9A95-4923-9833-060CF209A1BF} - C:\Program Files\SystemApp\ie-improver1.dll
O2 - BHO: (no name) - {CF7B59C7-6A1C-4FB7-AFAF-36B0309F8D6D} - (no file)
O2 - BHO: (no name) - {E54F68E8-2B1E-4E32-A147-8A653AC94337} - (no file)
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: xxyvwwv - xxyvwwv.dll (file missing)
done mate .... now what?Use your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0 -
explains all those entries
download and run
www.superantispyware.com
the free version on the blue download button
Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click the SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me (will take about 30-40 minutes to run )
some are already checked.... uncheck them or just add what you said above?Use your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0 -
just add as shownEx forum ambassador
Long term forum member0 -
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03/25/2008 at 07:46 PM
Application Version : 4.0.1154
Core Rules Database Version : 3424
Trace Rules Database Version: 1416
Scan type : Complete Scan
Total Scan Time : 01:27:38
Memory items scanned : 433
Memory threats detected : 0
Registry items scanned : 4753
Registry threats detected : 1
File items scanned : 16510
File threats detected : 139
Adware.Vundo Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#!!4A54500A-65FE-4F4A-B860-20EAE2F577F9}
Adware.Tracking Cookie
C:\Documents and Settings\spikey\Cookies\spikey@adopt.euroclick[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@questionmarket[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adtech[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bs.serving-sys[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@server.iad.liveperson[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adbrite[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.adbrite[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@msnportal.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@rocku.adbureau[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@videoegg.adbureau[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@serving-sys[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.devbook[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad.uk.tangozebra[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wgkyqidjwbp.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adtech[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wjliwkajebp.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@apmebf[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@tracking.summitmedia.co[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@doubleclick[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@advertising[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@advertising[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adviva[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad1.emediate[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adrevolver[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adrevolver[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@doubleclick[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad1.emediate[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@dealtime[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adinterax[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@media.adrevolver[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@statcounter[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@stat.dealtime[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wjkyeid5waq.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@media.adrevolver[4].txt
C:\Documents and Settings\spikey\Cookies\spikey@media.adrevolver[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad.uk.tangozebra[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@media.adrevolver[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad.uk.tangozebra[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@msnportal.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad.uk.tangozebra[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.planetactive[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adopt.euroclick[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@overture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wdkioic5gkp.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wflokoajgco.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@richmedia.yahoo[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@counter.marketplaceadvisor.channeladvisor[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@tacoda[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@revsci[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@hotelopia.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bs.serving-sys[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@hitbox[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@mediaplex[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bannersng.yell[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bs.serving-sys[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@ehg-foxmovies.hitbox[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@112.2o7[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6whmyanajgdo.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@mediaplex[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wfkykkd5ggq.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wfkyuoc5cdp.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@2o7[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@server.lon.liveperson[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@e-2dj6wfkokgdpieo.stats.esomniture[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@atdmt[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@server.lon.liveperson[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@questionmarket[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@azjmp[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@serving-sys[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@serving-sys[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@statse.webtrendslive[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@atdmt[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@specificclick[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@pro-market[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@tradedoubler[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@tradedoubler[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bluestreak[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@overture[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bbs.porncity[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@media.mtvnservices[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@realteenpictureclub[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@questionmarket[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.nakedonthestreets[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@specificclick[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adopt.euroclick[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@cz6.clickzs[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.tight-teenies[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad1.clickhype[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.bnmedia[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@richmedia.yahoo[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.googleadservices[3].txt
C:\Documents and Settings\spikey\Cookies\spikey@adultfriendfinder[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.addynamix[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@twelvefifteen[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@tribalfusion[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@imeem.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@serving-sys[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ero-advertising[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.pointroll[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@revsci[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.penisbot[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adopt.specificclick[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@overture[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@prospect.adbureau[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@youporn[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@tradedoubler[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@teenrotica[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@stat.dealtime[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@track.braincash[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@advertising[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@worldsex[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@msnportal.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@dealtime.co[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adbrite[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adecn[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@azjmp[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.twelvefifteen[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@image.masterstats[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@clickcompare[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@www.adultcrowd[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@bannersng.yell[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@ad.zanox[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@zedo[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adtech[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@bs.serving-sys[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@pro-market[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@adultcrowd[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@adultadworld[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@indextools[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@ads.adgoto[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@bestsexworld[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@freeadultmedia[1].txt
C:\Documents and Settings\spikey\Cookies\spikey@partypoker[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@rb4.worldsex[2].txt
C:\Documents and Settings\spikey\Cookies\spikey@tracking.summitmedia.co[1].txt
AS requested mate............. damn thing took ages lol
DISCLAIMER: I HAVE NO IDEA HOW SOME OF THE SITES MENTIONED ARE ON THE LISTS !!!!!!!!!!!!!!!!!!!!!!!!!!!!Use your judgement, and above all, be honest with yourself.
I walk with the world & the world walks with me!I don't make bad choices!!! Other people just fail to see my GENIUS !!!!
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.8K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards