Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Illiterate


  • Please log in to reply
8 replies to this topic

#1 amcarter

amcarter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 November 2006 - 06:10 PM

About six months ago a Trojan horse was downloaded onto my computer and my computer said that it had stored into a temp file, and i have never been able to find it to delete it. Heck i don't know that I even could. But from this point on, my computer has been running extremely painfully slow and it has been locking up or freezing and I literally have to unplug the whole system in order to get it unfroze. I had just replaced my tower with a Dell, and then I realized I did have any of the dvd or burning ablity, Heck I can't even copy my assigments for class. Which I might add has been a pain. So when my friend told me about this forum I thought I'd drag out this tower and give ya all a try. I think we have only had it for less than two years. If someone can help me, it would be a life saver. :
hugs,
ang

BC AdBot (Login to Remove)

 


m

#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 November 2006 - 06:58 PM

Click here to download HJTsetup.exe:

http://www.thespykiller.co.uk/forum/index....=tpmod;dl=item5
Scroll down to the download section

Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#3 amcarter

amcarter
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 November 2006 - 09:43 PM

Logfile of HijackThis v1.99.1
Scan saved at 8:42:37 PM, on 11/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\CHARTE~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\backweb\4476822\program\fsbwsys.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsrw.exe
C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\PROGRA~1\CHARTE~1\ANTI-S~1\fsaw.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguidll.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\Charter High-Speed Security Suite\backweb\4476822\Program\fspex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Charter High-Speed Security Suite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\FSSW.EXE" /reboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: F-Secure Anti-Virus 2006.lnk = C:\Program Files\Charter High-Speed Security Suite\backweb\4476822\Program\fspex.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Block this popup - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?a33e1e6a734c4f978ba2bc584a1fcc82
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?a33e1e6a734c4f978ba2bc584a1fcc82
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .midi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://www.msn.com/diskless/bin/tgctlcm.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\CHARTE~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

#4 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 November 2006 - 09:46 PM

Log looks fine, but.....

Is F-Secure Anti-Virus up to date??
=================
Please click here http://www.majorgeeks.com/Sun_Java_Runtime...ment_d4648.html to download the latest version of JAVA Install the application, then go to the Add/Remove Programs options in the Control Panel and Remove ALL previous versions of JAVA.

===================

Download AVG Anti-Spyware from http://www.ewido.net/en/download/ and save that file to your desktop. Note: This is NOT the Anti Virus from AVG.

When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.
1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.
2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
3. On the main screen select the icon "Update" then select the "Update now" link.
o Next select the "Start Update" button. The update will start and a progress bar will show the updates being installed.
4. Once the update has completed, select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
5. Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
6. Under "Reports"
o Select "Automatically generate report after every scan"
o Un-Select "Only if threats were found"
Close AVG Anti-Spyware. Do Not run a scan just yet, we will run it in safe mode.
1. Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning as it may interfere with the scanning process:
2. Launch AVG Anti-Spyware by double clicking the icon on your desktop.
3. Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
4. AVG will now begin the scanning process. Please be patient as this may take a little time.
Once the scan is complete, do the following:
5. If you have any infections you will be prompted. Then select "Apply all actions."
6. Next select the "Reports" icon at the top.
7. Select the "Save report as" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved that file. This is important).
8. Close AVG Anti-Spyware and reboot your system back into Normal Mode.
Post the log from AVG and a new HiJack log
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#5 amcarter

amcarter
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 November 2006 - 11:56 PM

I am not sure exactly what I am suppost to be downloading from the first link. It brought up the spy doctor and I think it was called mechanical registry. Can you please be more specific. Not very wise with all this computer lingo. LOL!
Thanks so much for everything that you have done so far!
Hugs,
Ang

#6 amcarter

amcarter
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 22 November 2006 - 08:05 AM

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:38:22 AM 11/23/2006

+ Scan result:



C:\Documents and Settings\jack carter\Application Data\ShopperReports -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\db -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\report -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : No action taken.
C:\Documents and Settings\jack carter\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : No action taken.
C:\Program Files\whInstall -> Adware.Webhancer : No action taken.
C:\Program Files\whInstall\whAgent.inf -> Adware.Webhancer : No action taken.
C:\Program Files\whInstall\whInstaller.ini -> Adware.Webhancer : No action taken.
C:\System Volume Information\_restore{55AD45FB-8993-4F27-867B-0B74F04FFF84}\RP112\A0163772.dll -> Adware.Zango : No action taken.
C:\System Volume Information\_restore{55AD45FB-8993-4F27-867B-0B74F04FFF84}\RP100\A0155788.0xe -> Downloader.Zlob.va : No action taken.
C:\WINDOWS\system32\ld100.tmp -> Downloader.Zlob.va : No action taken.
C:\WINDOWS\system32\regperf.0xe -> Downloader.Zlob.va : No action taken.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\8TAVCPIZ\WinAntiVirusPro2006FreeInstall[1].cab/UWA6P_0001_N822M1605NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@betzipcom.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@chicagosuntimes.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@gmgmacmortgage.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@harpo.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@heavyhammerinc.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@stats.adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@z1.adserver[1].txt -> TrackingCookie.Adserver : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@www.belstat[2].txt -> TrackingCookie.Belstat : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@vip.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@enhance[2].txt -> TrackingCookie.Enhance : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@tracking.g3x[1].txt -> TrackingCookie.G3x : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@ehg-netbankinc.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@hotlog[1].txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@data2.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@data1.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@data2.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@data4.perf.overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@starware[2].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\carter boys\Cookies\carter boys@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@webstat[2].txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@web-stat[2].txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@clickthrough.wegcash[2].txt -> TrackingCookie.Wegcash : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@free.wegcash[1].txt -> TrackingCookie.Wegcash : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@programs.wegcash[2].txt -> TrackingCookie.Wegcash : No action taken.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\jack carter.CARTERCOMPUTER\Cookies\jack carter@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\zdj.0xe -> Trojan.LowZones.dm : No action taken.


::Report end

#7 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 22 November 2006 - 10:19 AM

That first link was to get the latest version of java as one malware exploits the older versions
=================
IE - Block Third party cookies
1. Click on the Tools button on the Internet Explorer tool bar.
2. Highlight and click on Internet options at the bottom of the Tools menu.
3. Select the Privacy Tab of the Internet Options menu.
4. Select the Advanced... button at the bottom of the screen.
5. Select override automatic cookie handling button.
6. To block third party cookies select block under "Third-party cookies".
7. Select "always allow session cookies".
8. Click on the OK button at the bottom of the screen.

=================
Clean Posted Image

Turn off restore points, boot, turn them back on – here’s how

http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#8 amcarter

amcarter
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 22 November 2006 - 04:25 PM

i am not seeing what you are talking about. I can't find the cookie thing that you were talking about. Please help me.
Hugs,
Angela

#9 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 22 November 2006 - 04:47 PM

Read it carefully, many have followed those directions
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users