Tech Support Guy banner
Cancel

virus problem?

Jump to Latest Follow
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 10 of 10 Posts
TALON75

· Registered
Joined
·
18 Posts
Discussion Starter · #1 ·
hello , I am having a problem with explorer that i cannot figure out . i keep getting the following message when i enter a new web site- SITEADV.exe- BAD IMAGE - The app or dll C:\program files\NEWDOTNET\newdotnet7_22.dll is not a valid windows image . please check against your install diskette .

this seems to have started after installing McAfee and trying to uninstall Winantivirus, but i keep getting popups from winantivirus trying to get to download thier program . after reading several other posts i went ahead and created a HJT log . any help would be greatly appreciated .

Logfile of HijackThis v1.99.1
Scan saved at 2:45:16 PM, on 12/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\Explorer.EXE
C:\Program Files\SiteAdvisor\4608\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\SiteAdvisor\4608\SiteAdv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mail.yahoo.com/?.redir=ymmapi9&.clntymver=2004.11.23.1&.cldefstat=Def0
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe"
O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\4608\SiteAdv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O20 - AppInit_DLLs:
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\4608\SAService.exe
 
TALON75

· Registered
Joined
·
18 Posts
Discussion Starter · #2 ·
read some more post and saw the pattern , so i downloaded panda active scan and created the file below . i will now also down load avg spyware and post the results when ready . i am glad i found this message board , even though no one has helped me directly yet i have found some very useful info .

Incident Status Location

Spyware:spyware/new.net Not disinfected c:\program files\newdotnet\newdotnet7_22.dll
Potentially unwanted tool:application/winantivirus2006 Not disinfected c:\program files\common files\WinAntiVirus Pro 2006
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_local_machine\software\FocusInteractive
Potentially unwanted tool:application/funweb Not disinfected hkey_local_machine\software\FunWebProducts
Potentially unwanted tool:application/iwon Not disinfected hkey_local_machine\software\iWon
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][5].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][3].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/AspinallsOnlineCasino Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
 
TALON75

· Registered
Joined
·
18 Posts
Discussion Starter · #3 ·
the file was too large here is the rest of it , again thanks for any help and have a merry christmas .

Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/PayCounter Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/WegCash Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\TONY\Cookies\[email protected][1].txt
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\Documents and Settings\TONY\Local Settings\Temporary Internet Files\Content.IE5\FJ97FXSS\installdrivecleanerstart[1].exe
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\TONY\Local Settings\Temporary Internet Files\Content.IE5\GPGJGR87\WinAntiVirusPro2006FreeInstall[1].exe
Potentially unwanted tool:Application/iWon Not disinfected C:\Program Files\iWon\iWonSlot\1.bin\IWONSLOT.DLL
 
TALON75

· Registered
Joined
·
18 Posts
Discussion Starter · #4 ·
here is my AVG report , i hope someone can help me . system seems to be ok right now but want to make sure everything is cured so that the problems don't persist . thanks

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:07:03 PM 12/23/2006

+ Scan result:

C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041117.DLL -> Adware.IWon : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKU\S-1-5-21-2365430957-3993245626-2034127582-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DC6_check -> Adware.Systemdoctor : Cleaned with backup (quarantined).
C:\Program Files\WinAntiVirus Pro 2006 -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\Program Files\WinAntiVirus Pro 2006\msvcp71.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041063.sys -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041066.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041068.sys -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041069.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041071.ini -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041072.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041075.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041076.cpl -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041077.dll -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041081.exe -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041086.sys -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP313\A0041122.exe -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf\Enum -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf\Security -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf_hk -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf_hk\Enum -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKLM\SYSTEM\CurrentControlSet\Services\vspf_hk\Security -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKU\S-1-5-21-2365430957-3993245626-2034127582-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKU\S-1-5-21-2365430957-3993245626-2034127582-1007\Software\WinAntiVirus Pro 2006 -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
HKU\S-1-5-21-2365430957-3993245626-2034127582-1007\Software\WinAntiVirus Pro 2006\Settings -> Adware.WinAntiVirus : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Bluemountain : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Etracker : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][10].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][3].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][4].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][5].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][6].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][7].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][8].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][9].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Owner\Cookies\owner[email protected][2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\TONY\Cookies\[email protected][2].txt -> TrackingCookie.Wegcash : Cleaned.

::Report end

and here is a new HJT report , do i need to do a new panda report also?

Logfile of HijackThis v1.99.1
Scan saved at 10:33:09 PM, on 12/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\SiteAdvisor\4608\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SiteAdvisor\4608\SiteAdv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://mail.yahoo.com/?.redir=ymmapi9&.clntymver=2004.11.23.1&.cldefstat=Def0
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: BhoApp Class - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - C:\Program Files\WinBudget\bin\matrix.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe"
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\4608\SiteAdv.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O20 - AppInit_DLLs:
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\4608\SAService.exe
 
TALON75

· Registered
Joined
·
18 Posts
Discussion Starter · #5 ·
looks like i spoke too soon . i am no longer getting the siteadv.exe- bad image window but explorer is still having to close when i am browsing . i guess i will wait for one of the experts to reply as i have surpassed my computer knowledge .

i'm thinking these files may need to be removed

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing


of course i won't do anything untill i get some real advise , but these seem fishy to me .
 
1 - 10 of 10 Posts
Status
Not open for further replies.
About this Discussion
9 Replies
1 Participant
Last post:
TALON75
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Hardware Virus & Other Malware Removal Windows XP Off Topic Lounge Thread Games & Discussion
Top