HJT log need help

2000 Views 21 Replies 4 Participants Last post by  D_Trojanator
Started with an MSN "worm"... a link that got clicked and sends that same link to everyone else on your list. Anyways, I am unable to update BitDefender virus scan and unable to go on their website. I am not sure if I am still sending links out to people on my MSN, but anyways... Someone tell me what's going on. Thanks.

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\DOCUME~1\Chris\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM+ Messages - Unknown owner - D:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000282 (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Thanks, I did what you said and this is what I have come up with.

HJT

D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
F3 - REG:win.ini: load=D:\WINDOWS\system32\kisjwglzz\winlogon.exe
F3 - REG:win.ini: run=D:\WINDOWS\system32\kisjwglzz\winlogon.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [winlogon] ?
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: winlogon.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

and blbeta

12/31/06 09:54:56 [Info]: BlackLight Engine 1.0.55 initialized
12/31/06 09:54:56 [Info]: OS: 5.1 build 2600 (Service Pack 2)
12/31/06 09:55:07 [Note]: 7019 4
12/31/06 09:55:07 [Note]: 7005 0
12/31/06 09:55:12 [Note]: 7006 0
12/31/06 09:55:12 [Note]: 7011 1248
12/31/06 09:55:13 [Note]: 7026 0
12/31/06 09:55:14 [Note]: 7026 0
12/31/06 09:55:28 [Note]: FSRAW library version 1.7.1021
12/31/06 10:05:10 [Note]: 7007 0
sorry here you go:
Thanks

Logfile of HijackThis v1.99.1
Scan saved at 10:06:26 AM, on 31/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
F3 - REG:win.ini: load=D:\WINDOWS\system32\kisjwglzz\winlogon.exe
F3 - REG:win.ini: run=D:\WINDOWS\system32\kisjwglzz\winlogon.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [winlogon] ?
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: winlogon.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Alright, I had a problem downloading msnvirrem.exe; it said something about a copy error... Also, now my virus scan (BitDefender) is picking it up as a virus or something.

And when I went into safe mode that file was not present.

Also, when I ran the HijackThis scan, I got the following popup:

"For some reason your system denied write access to the hosts file. If any Hijacked domains are in the file, HiJackThis may not be able to fix this.

If that happens you need to edit the file yourself with notepad.
Notepad. "D:\windows\system32\drivers\etc\hosts"

Anyways... here's the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 11:24:14 AM, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\sUBs\ComboFix.exe
D:\WINDOWS\system32\cmd.exe
D:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

and the combofix log:

Chris - 07-01-01 11:14:41.47 Service Pack 2
ComboFix 06.11.27 - Running from: "D:\Documents and Settings\Chris\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

D:\WINDOWS\system32\netstat.com
D:\WINDOWS\system32\taskkill.com
D:\Program Files\Inetget2
D:\Program Files\Common Files\{3AD12A89-063A-4105-1101-020201190002}
D:\Program Files\Common Files\{6AD12A89-063A-4105-1101-020201190002}

((((((((((((((((((((((((((((((( Files Created from 2006-12-01 to 2007-01-01 ))))))))))))))))))))))))))))))))))

2006-12-31 22:04 d-------- D:\Documents and Settings\Chris\Application Data\Google
2006-12-31 22:02 d-------- D:\Program Files\Google
2006-12-31 15:11 12,800 --a------ D:\ieupdate.exe
2006-12-31 00:25 d-------- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-31 00:23 d-------- D:\WINDOWS\system32\PreInstall
2006-12-31 00:22 22,752 --a------ D:\WINDOWS\system32\spupdsvc.exe
2006-12-31 00:22 d--h----- D:\WINDOWS\$hf_mig$
2006-12-31 00:14 d-------- D:\Program Files\Lavasoft
2006-12-30 23:57 d-------- D:\RootkitNO
2006-12-30 23:41 25,773 --a------ D:\WINDOWS\system32\drivers\regguard.sys
2006-12-30 23:30 d-------- D:\Program Files\Ipwindows
2006-12-30 22:55 92,485 --a------ D:\gp.exe
2006-12-30 22:51 d-------- D:\Documents and Settings\Chris\Application Data\Bitdefender
2006-12-30 22:43 d-------- D:\Documents and Settings\All Users\Application Data\BitDefender
2006-12-30 22:42 d-------- D:\Program Files\Softwin
2006-12-30 22:31 d--hs---- D:\Config.Msi
2006-12-30 22:24 d-------- D:\Program Files\Common Files\Softwin
2006-12-30 21:47 d-a------ D:\Documents and Settings\All Users\Application Data\TEMP
2006-12-30 21:09 d-------- D:\Documents and Settings\Chris\Application Data\Lavasoft
2006-12-30 19:52 d-------- D:\WINDOWS\system32\SoftwareDistribution
2006-12-30 18:20 d--h----- D:\WINDOWS\PIF
2006-12-30 18:01 d-------- D:\Documents and Settings\All Users\Application Data\Symantec
2006-12-30 17:59 d-------- D:\Program Files\Common Files\Symantec Shared
2006-12-30 17:31 d--hs---- D:\WINDOWS\system32\kisjwglzz

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-01-01 11:15 -------- d-------- D:\Program Files\Common Files
2006-12-31 22:02 -------- d--h----- D:\Program Files\InstallShield Installation Information
2006-12-31 22:01 -------- d---s---- D:\Documents and Settings\Chris\Application Data\Microsoft
2006-12-31 22:01 -------- d-------- D:\Program Files\Common Files\InstallShield
2006-12-31 03:22 -------- d-------- D:\Program Files\Internet Explorer
2006-12-31 03:12 -------- d-------- D:\Program Files\Windows Media Player
2006-12-31 03:04 -------- d-------- D:\Program Files\Outlook Express
2006-12-31 03:04 -------- d-------- D:\Program Files\Common Files\System
2006-12-30 23:25 -------- d-------- D:\Program Files\Messenger
2006-12-07 17:02 2174976 --a------ D:\WINDOWS\system32\wmvcore.dll
2006-11-07 21:06 679424 --a------ D:\WINDOWS\system32\inetcomm.dll
2006-10-19 05:56 713216 --a------ D:\WINDOWS\system32\sxs.dll
2006-10-13 04:35 65536 --a------ D:\WINDOWS\system32\nwwks.dll
2006-10-13 04:35 64000 --a------ D:\WINDOWS\system32\nwapi32.dll
2006-10-13 04:35 142336 --a------ D:\WINDOWS\system32\nwprovau.dll
2006-10-02 05:19 62 --ahs---- D:\Documents and Settings\Chris\Application Data\desktop.ini

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"D:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"winlogon"=""
"MSMSGS"="\"D:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BDMCon"="\"D:\\Program Files\\Softwin\\BitDefender10\\bdmcon.exe\" /reg"
"BDAgent"="\"D:\\Program Files\\Softwin\\BitDefender10\\bdagent.exe\""
"winlogon"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\0]
"Operation"=dword:00000001
"Target"="\\??\\D:\\PROGRA~1\\IPWIND~1\\IPWINS.EXE"
"Source"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\ApprovedByRegRun2\AntiRepl\1]
"Operation"=dword:00000001
"Target"="D:\\PROGRA~1\\COMMON~1\\{6AD12~1\\UPDATE.EXE"
"Source"=""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,36,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoAdminPage"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: 07-01-01 11:16:03.20
D:\ComboFix.txt ... 07-01-01 11:16
I am unable to download the AVG program... When I click on the link my net just does not find the page... same as the previous program you talked about in the previous post (two posts ago...).
I will do what I am able to do and post the current HJT log.
Also, I am having a problem with the copying and pasting of the bold text into Notepad... once I save it and go to open it I get "fix.reg is not a valid win32 application."
It only happens with certain sites... that link and also the BitDefender site for sure.

Still nothing but problems. Downloaded that hoster program, open it up and get a warning pop-up:
"Your hosts file is marked as a "system file" and can NOT be manipulated. Press ok to remove hidden and system attributes."
I clicked OK and get an error pop-up:

"Error: Cannot open file D:\windows\system32\drivers\etc\hosts"

Yep, so that's all.
Hey, no reply from me in a bit, but here's the AVG and HJT logs.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:28:51 PM 11/01/2007

+ Scan result:

C:\System Volume Information\_restore{70536AB7-69C8-4B78-AA77-BC69549E54A7}\RP122\A0070583.exe -> Adware.DealHelper : Cleaned.
:mozilla.463:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.464:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.240:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.241:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.242:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.243:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.244:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.351:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.533:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.620:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.569:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.66:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.68:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.107:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.108:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.209:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.210:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.211:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.444:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.445:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.
:mozilla.304:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.305:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.306:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.307:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.308:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.309:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.33:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.36:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.57:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.58:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.459:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.203:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.100:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.106:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.99:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.161:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.162:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.163:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.164:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.167:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.168:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
D:\Documents and Settings\Chris\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.115:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.116:C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\6iinbwz0.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.

::Report end
And HJT

Logfile of HijackThis v1.99.1
Scan saved at 7:54:19 PM, on 11/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

thank you
It runs ok .. but now that I have Bitdefender and AVG always running it's slow. When starting up, CPU usage is 100% ... only 256mb of RAM would probably be the cause... Also my Internet Explorer is "glitchy". It was always like that. It is when I scroll that it is glitchy.



Does everything look fine to you though?