I Think I Have A Spyaxe Problem


3 replies to this topic

#1 forcechangenow7


Posted 06 May 2006 - 07:42 AM

I keep getting a popup in my taskbar with a little green handicap sign then a red "no" sign telling me I need to scan for viruses. I have gone through many sites so I am guessing this is SpyAxe. I have used the tutorials here but nothing is working. I have used

Ad-aware
cwshredder
ewido
spy bot search and destroy
smitrem
cleanup
panda activescan

I've run them in safe mode and normal mode. I've got all of the infections gone from Ad-aware.
I also have an empty folder in my Program Files called xerox that I've deleted twice now. It's got another folder in it named "nwwia" which won't delete because it's "being used by another program".

I had a virus a few days ago and just reformatted my computer, but I don't want to have to do that again.

I can't afford to buy an expensive program. The Panda one is only $12.95 so I might use that if I know it will work.

What can I do to get rid of this icon? I don't know what it's doing to my computer. Should I reformat again?

Here are my reports:

For ewido:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:01:39 AM, 5/6/2006
+ Report-Checksum: EA93015F

+ Scan result:

:mozilla.14:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Leah\Cookies\leah@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Leah\Cookies\leah@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\WINDOWS\temp\win1.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup


::Report End

for activescan


Incident Status Location

Spyware:Cookie/Atlas DMT Not disinfected
C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Mediaplex Not disinfected
C:\Documents and Settings\Leah\Application Data\Mozilla\Firefox\Profiles\x31vptcu.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Atwola Not disinfected
C:\Documents and Settings\Leah\Cookies\leah@atwola[1].txt
Potentially unwanted tool:Application/Processor Not disinfected
C:\Documents and Settings\Leah\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected
C:\Documents and Settings\Leah\Desktop\smitRem.exe[smitRem/Process.exe]
Adware:Adware/PicsPlace Not disinfected
C:\Documents and Settings\Leah\Local Settings\Temporary Internet Files\Content.IE5\GHMR8HCJ\srvhaf[1].exe
Adware:Adware/PurityScan Not disinfected
C:\Program Files\Common Files\s?mbols\cmd.exe
Adware:adware/mediatickets Not disinfected
C:\WINDOWS\system32\oins.exe
Adware:Adware/PurityScan Not disinfected
C:\WINDOWS\system32\winrcq32.dll
Adware:Adware/PicsPlace Not disinfected
C:\WINDOWS\temp\win3F.tmp.exe


and for hijack

Logfile of HijackThis v1.99.1
Scan saved at 5:38:07 AM, on 5/6/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\dcomcfg.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AIM\aim.exe
C:\PROGRA~1\COMMON~1\SMBOLS~1\cmd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\TEMP\win241.tmp.exe
C:\Program Files\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {2931B94D-04F9-5B0C-8B06-5D27B7E9EB9A} - C:\WINDOWS\System32\rrpttwn.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\System32\hp48E0.tmp
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Rebs] "C:\PROGRA~1\COMMON~1\SMBOLS~1\cmd.exe" -vt mt
O4 - HKCU\..\Run: [Avxuf] C:\Program Files\Common Files\??stem32\m?hta.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1146882311999
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: ezstor - {6344A3A0-96A7-11D4-88CC-000000000000} - C:\WINDOWS\System32\viewers\ezspp.dll
O18 - Protocol: hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: x-asp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: x-cnote - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: x-hsp - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\Program Files\Common Files\EzTools\wowctl2.dll
O18 - Protocol: x-zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O18 - Protocol: zip - {8D32BA61-D15B-11D4-894B-000000000000} - C:\Program Files\Common Files\EzTools\hsppp.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: winrcq32 - C:\WINDOWS\SYSTEM32\winrcq32.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Any additional help would be great!


#2 jwbirdsong


Posted 07 May 2006 - 04:01 PM

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.
Help with unzipping files is HERE

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Was the Ewido scan you posted from Safe Mode? And was it updated to the latest definitions?

#3 forcechangenow7


Posted 07 May 2006 - 05:39 PM

Thank you! I meant to post this last night but I actually went through other posts and downloaded that program and it worked. But thank you SO much for reviewing my logs. And Ewido was run in safe mode; it wouldn't work in normal mode. :thumbsup:

#4 jwbirdsong


Posted 07 May 2006 - 08:48 PM

You should post an updated HijackThis log and the C:\rapport.txt, as there are infections on your system that were NOT taken care of by Ewido OR the SmitfraudFix.
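
A cross-check of the logs in post #1, as an added example that is not part of the original thread and not the helper's own method: it takes a subset of lines copied from the HijackThis and ActiveScan logs and flags HijackThis entries whose path contains a `?` (not a legal character in a Windows file name, so the tool could not render the real one), points at a temp directory or `.tmp` file, or matches a file ActiveScan left "Not disinfected". The three heuristics and the 8.3 short-name matching rule are assumptions chosen for this illustration.

```python
import re

# Subset of lines copied from the HijackThis log in post #1.
HIJACKTHIS_LINES = [
    r"C:\WINDOWS\System32\svchost.exe",
    r"C:\PROGRA~1\COMMON~1\SMBOLS~1\cmd.exe",
    r"C:\WINDOWS\TEMP\win241.tmp.exe",
    r"O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\System32\hp48E0.tmp",
    r'O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"',
    r'O4 - HKCU\..\Run: [Rebs] "C:\PROGRA~1\COMMON~1\SMBOLS~1\cmd.exe" -vt mt',
    r"O4 - HKCU\..\Run: [Avxuf] C:\Program Files\Common Files\??stem32\m?hta.exe",
    r"O20 - Winlogon Notify: winrcq32 - C:\WINDOWS\SYSTEM32\winrcq32.dll",
]
# Paths ActiveScan listed as "Not disinfected" in the same post (subset).
ACTIVESCAN_PATHS = [
    r"C:\Program Files\Common Files\s?mbols\cmd.exe",
    r"C:\WINDOWS\system32\oins.exe",
    r"C:\WINDOWS\system32\winrcq32.dll",
]

# A drive-letter path ending in one or more known extensions (win241.tmp.exe).
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?(?:\.(?:exe|dll|tmp|ocx))+(?![\w.])', re.I)
SHORT_RE = re.compile(r"([^~.]+)~\d+")  # 8.3 directory component, e.g. PROGRA~1

def extract_path(line):
    m = PATH_RE.search(line)
    return m.group(0) if m else None

def same_file(logged, detected):
    """Case-insensitive path comparison that tolerates 8.3 short directory names."""
    # Assumption: a short name's stem is the start of the long name with spaces
    # and unrenderable ('?') characters dropped, as the two logs above suggest.
    a, b = logged.upper().split("\\"), detected.upper().split("\\")
    if len(a) != len(b):
        return False
    for short, long_name in zip(a, b):
        if short == long_name:
            continue
        m = SHORT_RE.fullmatch(short)
        if not (m and re.sub(r"[ ?]", "", long_name).startswith(m.group(1))):
            return False
    return True

def triage(lines, detected_paths):
    """Return (path, reasons) for every log line that trips a heuristic."""
    findings = []
    for line in lines:
        path = extract_path(line)
        if path is None:
            continue
        reasons = []
        if "?" in path:  # '?' is illegal in Windows file names
            reasons.append("unrenderable character in path")
        if re.search(r"\\temp\\|\.tmp(\.exe)?$", path, re.I):
            reasons.append("temp directory or .tmp file")
        if any(same_file(path, d) for d in detected_paths):
            reasons.append("flagged by ActiveScan")
        if reasons:
            findings.append((path, reasons))
    return findings

if __name__ == "__main__":
    for path, reasons in triage(HIJACKTHIS_LINES, ACTIVESCAN_PATHS):
        print(f"{path}: {', '.join(reasons)}")
```

The `cmd.exe` entry only matches its ActiveScan detection once the short names are expanded, which is why a plain string comparison between the two logs would miss it.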