Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Task Manager Not Working - Winupdates.exe


  • This topic is locked This topic is locked
14 replies to this topic

#1 jmedeiros7

jmedeiros7

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 17 November 2005 - 10:55 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:10:23 PM, on 11/17/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\winupdates\winupdates.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BDPAUSER\Local Settings\TEMP\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [zixmkiqfrq] C:\WINDOWS\System32\jvicas.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Kstuquic] C:\Program Files\Ctijk\Rkhkkxq.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Soao] C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Jtfsu] C:\WINDOWS\System32\wtj.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123187472449
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

Thanks! :thumbsup:

BC AdBot (Login to Remove)

 


#2 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 21 November 2005 - 09:08 PM

Hi, jmedeiros7.


Your copy of hijackthis has not been unzipped and is located in a temporary directory.
When the temp files are cleaned out, the program and backup files it makes will be lost.

Instead of hunting it down and moving it, let's download a new one.
Click the link below, then choose to save it to your drive. Go to the download location and double click hijackthis_sfx.exe.
A box will open, choose unzip, then close the box. A hijackthis folder will be placed at C:\Program Files\HijackThis.

http://www.merijn.org/files/hijackthis_sfx.exe




Please download The Brute Force Uninstaller
Unzip it to a folder of it’s own (c:\BFU).
Start the Brute Force Uninstaller by double clicking BFU.exe

Click the globe icon button in the upper right corner (Open Script URL..)
Download BFU script... box should open
Copy and paste this line into the box:
http://metallica.geekstogo.com/p2pnetwork.bfu

Click Ok
Then click execute in Brute Force Uninstaller.

Wait for the complete script execution box to popup and press OK.
Exit from The Brute Force Uninstaller.

Scan with hijackthis and post a fresh log.
Posted Image

#3 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 November 2005 - 04:25 PM

I hope i did it right... i did everything you said.
New Log:
Logfile of HijackThis v1.99.1
Scan saved at 4:22:15 PM, on 11/23/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\EmergencyUtils\Copy_of_Taskmgr.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [zixmkiqfrq] C:\WINDOWS\System32\jvicas.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Kstuquic] C:\Program Files\Ctijk\Rkhkkxq.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Soao] C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Jtfsu] C:\WINDOWS\System32\wtj.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123187472449
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

#4 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 November 2005 - 07:59 PM

It looks like we got rid of winupdates.
Is taskmanager working now?

I couldn't find any information on this file, ttdi.exe, but I suspect it is bad.
Please submit the following file at this online malware scanner by clicking the browse button at the top of the page and navigate to:
C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe
Copy the results and post them in your next reply.

Change these settings before running the online scan to show hidden and system files:
Open Windows Explorer & Go to Tools > Folder Options.
Click on the View tab
Place a checkmark at "Show hidden files and folders"
Uncheck "Hide protected operating system files"
Uncheck "hide extensions for known file types"
click "Apply to all folders"
Click "Apply" then "OK"


Let's do some cleanup.
Scan with hijackthis and checkmark these lines:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [zixmkiqfrq] C:\WINDOWS\System32\jvicas.exe

O4 - HKLM\..\Run: [Kstuquic] C:\Program Files\Ctijk\Rkhkkxq.exe

O4 - HKCU\..\Run: [Jtfsu] C:\WINDOWS\System32\wtj.exe

O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)

Close all browsers and open windows, except hijackthis, and click fix checked.
Exit from hijackthis.

Go to add\remove programs in control panel and see if Ebates or MoeMoneyMaker is listed.
Click remove if found.

Next, delete the following files or folders marked in bold:
(some may be missing, delete all you find)
C:\WINDOWS\System32\jvicas.exe
C:\Program Files\Ctijk<-- delete folder
C:\WINDOWS\System32\wtj.exe
C:\Program Files\Ebates_MoeMoneyMaker<-- delete folder

Let's run an online scan to check for any remaining bad files.
Run an online scan at Panda's Active Scan Save the log and post it in your next reply.

Restart your system after the online scan.
Scan with hijackthis and post a fresh log.

Edited by JG427, 23 November 2005 - 08:01 PM.

Posted Image

#5 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 November 2005 - 10:01 PM

yes!! taskmanager works...
most recent HJT log (prior to panda scan, but after i deleted those files you told me to delete):
Logfile of HijackThis v1.99.1
Scan saved at 9:39:38 PM, on 11/23/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis.exe

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Soao] C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123187472449
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

-i tried to run the panda activescan, but this is what came up when i ran it:
"An error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are:

Not allowing the application's ActiveX control to be downloaded.

Problems with the Internet connection.

The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.,... "
I restarted my computer, and i cleared some space on my hard disk. But still, nothing.

-When i entered C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe into that website, this is what came up:
"The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file"

-And when i went to delete those files, none of them showed up when i searched for them.

I cant thank you enough for all the help your giving me, and for putting up with such a computer aliterate person such as myself... you rock. :thumbsup:

#6 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 24 November 2005 - 12:16 AM

-When i entered C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe into that website, this is what came up:
"The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file"


Check the properties of the file ttdi.exe by right clicking it, choose properties and if it does say the file size is 0 bytes
then go ahead and delete it. In any case lets fix this line in hijackthis:
O4 - HKCU\..\Run: [Soao] C:\Documents and Settings\BDPAUSER\Application Data\ttdi.exe


I would like to try a scan with ewido since panda did not work out.
The ewido scan will show malware remaining on your system, including backup locations in spybot and adaware.
Let's delete these backups to reduce the number of items in the ewido log.
You may still see several items in the ewido log, but most should not be an active infection.

Open spybot and click on recovery.
Right click and select all, then click purge selected items.

Open AdAware, if you have it installed, and click on the lock icon.
Right click and select all quarantined objects then click delete.

Clean out temporary and TIF files.
Click the start button, then click on Run..... and type in the box: cleanmgr.
Let it scan your system for files to remove.
Make sure these 3 are checked and then press *ok* to remove:
Temporary Files
Temporary Internet Files
Recycle Bin

Please download, install, and update the free version of ewido security suite:
When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Click on update in the left menu, then click the Start update button.

Next, click on the Scanner button in the left menu, then click on complete system scan.
When ewido finds something, it will pop up a notification.
Select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on ok.
When the scan finishes, click on "Save Report".

Post the report from ewido.
It's located in the folder at C:\Program Files\ewido\security suite\Reports.
Posted Image

#7 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 24 November 2005 - 05:43 PM

hi
i tried to do the disk cleanup... but it wouldnt go past the first stage... you know, when that window pops up that says "compress old files"
I deleted the things you told me from adaware and spybot though...
i did the virus scan, and this is the log it gave me:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:36:45 PM, 11/24/2005
+ Report-Checksum: 3D6ED356

+ Scan result:

:mozilla.38:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.40:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.41:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.108:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.109:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.110:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.120:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.121:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.122:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.123:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.125:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.126:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.129:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.130:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.131:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.132:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.135:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.136:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.138:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.141:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.145:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.146:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.147:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.148:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.149:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.150:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.151:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.152:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.153:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.154:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.155:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.156:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.160:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.171:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.172:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.173:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.174:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.175:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.188:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.189:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.236:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.237:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.239:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.240:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.241:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.242:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.243:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.244:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.246:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.247:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.249:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.250:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.251:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.252:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.253:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.254:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.255:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.256:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.257:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.265:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.266:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.270:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.271:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.272:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.273:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.274:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.275:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.288:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.289:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.290:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.291:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.292:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.293:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.294:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.296:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.297:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.298:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.324:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.329:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.330:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.331:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.344:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.352:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.353:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.354:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.355:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.356:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.357:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.358:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.359:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.360:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.361:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.372:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.405:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.406:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.407:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.442:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.443:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.445:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.446:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.447:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.448:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.449:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.450:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.451:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.459:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.460:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.461:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.462:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.463:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.464:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.465:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.466:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.467:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.468:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.469:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.470:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.471:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.472:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.473:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.487:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.521:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.522:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.528:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.531:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.532:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.546:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.547:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.548:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.553:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.554:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.572:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.597:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.603:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.604:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.608:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.628:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.636:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.640:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.641:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.644:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.645:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup
:mozilla.657:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.672:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.700:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.711:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.712:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.717:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.718:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.720:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.721:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.724:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.736:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.737:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.740:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.741:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.751:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.752:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.772:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.773:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.774:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.775:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.796:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.799:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.800:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.805:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.806:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.807:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.809:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.810:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.811:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.812:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.813:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.814:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.815:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.816:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.821:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.822:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.837:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.838:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.839:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.842:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.843:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.852:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.853:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.854:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.855:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.856:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.869:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.883:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.884:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.885:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.886:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.888:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.893:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.894:C:\Documents and Settings\BDPAUSER\Application Data\Mozilla\Firefox\Profiles\ws8alpmg.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\AceHTML Pro 6.05.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Advanced Installer Pro 3.1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Age Of Empires III.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Ahead Nero Premium 7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Alawar Outbreak2 1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\AllWallpapers 2.0.0.453.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\ArkLight 1.05.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Audio Formats SDK 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Automize 6.24.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\BadCopy Pro 3.76.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\BadCopy Pro 3.80.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\BitTorrent 4.20.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Button Studio 2.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\CCleaner 1.24.180.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Chat Watch 4.2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Clean Disk Security 7.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\CodeSmith Professional 2.6.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\CopyPod 7.63.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\CPUkiller 2.05.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Dr.Web 4.33.1.11070.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\DSL Speed 2.09.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\F.E.A.R.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\FileMaker Pro 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\FlexPde Professional 3D 5.07.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Game XP 1.5.10.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Google Earth Pro 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\GVOX Encore 4.55.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\HyperSnap-DX 5.60.06.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\IArt 3.11.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\iNet Protector 2.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\InstallShield AdminStudio 6.0 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Kaspersky Anti-Hacker 1.5.119.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\McAfee Internet Security Suite 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Microsoft AntiSpyware 1.0.701.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\MOBILedit! 1.98.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\MPEG Video Wizard 2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Nofeel FTP Server 3.0.2600.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Norton Anti Virus 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Norton Antivirus 2006 Protection Pack.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Norton PartitionMagic 8.00.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\OfficeReady Pro 3.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Paint Shop Pro 10.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\PCBoost 3.8.15.2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\PCMedik 6.8.15.2005.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Pinnacle Studio Plus 10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Plato DVD to MP3 Ripper 3.3.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\PowerSheet 3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\PyroTrans 2.14.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Rapidshare Premium Accounts.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Recover My Files 3.84.3300.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\RegDoctor 1.41.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\RegFreeze 5.31.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Secure Password Manager 2.15.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\SmartFTP 1.5.990.14.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Sonic Solutions ReelDVD 3.13.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Sony Vegas 6.0B.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Soundmasker Deluxe 5.0.0.25.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Spy Emergency 2005 2.0.300.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\SpyRemover 2.43.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Spyware Stopper 9.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\StarOffice Office Suite for Win 8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\StepAhead AnFX 5.2.6.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\Super Utilities Pro 5.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
C:\Documents and Settings\BDPAUSER\Complete\

#8 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 24 November 2005 - 05:45 PM

i dont think the whole log was posted... there were almost 400 items.

#9 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 24 November 2005 - 08:17 PM

Wow, looks like ewido hit the jackpot!
If any setup.exe files are left in the folder named "complete" then delete them.

Try the following program for disk cleanup.
Download CCleaner and run the installer.
CCleaner is a utility that will remove unused and temporary files from your system.
Before running ccleaner, uncheck cookies on the windows and applications tabs, if you have cookies you do not want to remove.
Click the run cleaner button, allow it to run, then exit.

Run ewido again and post the new report.
It should be much shorter.

Many items listed by ewido are ad. cookies.
You can control the ad. cookies in firefox by clicking tools > options
Click the + at cookies
If you allow sites to set cookies, then also checkmark "for originating web site only"

Or uncheck " allow sites to set cookies" then click exceptions and paste in any web address you want to allow.
Firefox also has an extension to control cookies that I use at http://basic.mozdev.org/cookiebutton/

After following these steps, restart your system, then scan with hijackthis and post a fresh log.
Also post the new ewido report.
Posted Image

#10 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 24 November 2005 - 11:52 PM

i ran the ewido scan, and the log was empty.

this is my updated log from HJT:
Logfile of HijackThis v1.99.1
Scan saved at 11:45:41 PM, on 11/24/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HijackThis.exe

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing)

by the way, i put my settings to block all cookies... are there any sites that i shouldnt block the cookies?
thanks

#11 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 25 November 2005 - 12:29 AM

Congratulations, your hijackthis log is clean! :thumbsup:


by the way, i put my settings to block all cookies... are there any sites that i shouldnt block the cookies?

Some sites will not work unless cookies are allowed, such as banking or purchasing items online.
You should get a notice on those sites that need cookies.
I also allow cookies on forums where it can remember my login id. and password.

I have several suggestions for improving the security on your system. All are free programs!
The first and most important is to visit windows update, download service pack 2 and any remaining critical updates.

I don't see any anti-virus running on your system. I use and recommend free version of AVG 7.
Download and install it from http://free.grisoft.com/freeweb.php/doc/2/lng/us/tpl/v5

SpywareBlaster - Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.

Microsoft® Windows AntiSpyware (Beta)
Detects and removes known spyware from your system. Includes real time protection to monitor changes to your system and provides the option for you to allow or block the change.

IE-SPYAD is a Registry file (IE-ADS.REG) that adds a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer.

Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

I'll leave this thread open for a few days in case you have any questions about these programs.
JG427
Posted Image

#12 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 25 November 2005 - 01:46 AM

one thing...
i tried to download the service pack 2 from the website you provided, but the page wouldnt load.
i went to download.com and searched "windows update windows XP service pack 2"
i downloaded the program, and this message came up:
"the expected version of this product was not found on your system"
does this mean i have to download an earlier version of the windows update service pack, and then update that to the new one?
other than that, i downloaded the rest of the programs you suggested.
thanks again for all your help. :thumbsup:

#13 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 25 November 2005 - 05:22 PM

Lets try the fixes below for the update problem.
Do them one at a time, then check microsoft update again.
If it didn't help, do the next fix.
Use this link for microsoft update:
http://update.microsoft.com


Open Internet Explorer.
Click Tools, then Internet Options and click the Security tab.
Click Trusted sites, and then click Default Level.
Click the Sites button.
Clear the check box "Require server verification (https:) for all sites in this zone."

Copy the following address, then paste it into the box at "add this web site to this zone"
http://update.microsoft.com
Click ok then exit.
________________________________________________________

Open notepad by right clicking an empty area of your desktop, choose new > text document, then open it.
Copy the contents of the box below and paste into notepad.
Click file > save as and name it update.bat
Change the file type to all files, click save then exit notepad.
Double click update.bat on your desktop to run it.

cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.dll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit

________________________________________________________

Go to Windows XP Service Pack 2 download page.
Do not follow the instructions on the page since they will take you back to windows update which isn't working.
Instead, click download near the top of the page.
Choose to save the file to your harddrive.

Go to your download location and double click WindowsXP-KB835935-SP2-ENU.exe
Allow it to run.
Posted Image

#14 jmedeiros7

jmedeiros7
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 26 November 2005 - 11:04 PM

the first fix worked...
thanks again for all your help.
I really appreciate it.
really.
:thumbsup:

#15 JG427

JG427

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 26 November 2005 - 11:51 PM

Glad we could help. :thumbsup:

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread.
This applies only to the original topic starter. Everyone else please begin a New Topic.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users