Ad:

Viruses, Spyware and other Nasties Discussion Thread
Marked Solved
Views: 2261

Aug 14th, 2005

Need Help Stumped

Expand Post »

I'm pretty Computer literate. But I have been stumped with this latest problem.

My gf's Dads Laptop currently is getting errors.

Everytime I click on My Computer it gives me the error, "Your current security settings prohibit running ActiveX controls on this page. As a result, the page may not display correctly."

I have used the internet settings through control panel and set them all to medium and reset like most people say. But when I click on My computer after a restart it says the same old thing. And changing the options doesn't allow me to use My Computer. I have ran Ad-Aware but still also when he connects to the internet he gets tons of Pop-ups which I thought ad-aware would help get rid of. This is his Hijack-This Log.

Logfile of HijackThis v1.99.1
Scan saved at 12:04:40 AM, on 8/13/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\slserv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\XPsys.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINNT\system32\hphmon05.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINNT\system32\HPZipm12.exe
C:\DriverLoad\svchost.exe
C:\DriverLoad\svchost.exe
C:\DriverLoad\svchost.exe
C:\DriverLoad\svchost.exe
C:\DriverLoad\svchost.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINNT\system32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [DWHeartbeatMonitor] C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...games_live.cab
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe

If anyone can tell me anything I would greatly appreciate it.

Similar Threads

Using UTF's, IndexOf's and substrings in Java
100% CPU USAGE on and off! ;/ in Windows NT / 2000 / XP
stumped!! in Troubleshooting Dead Machines
Completely stumped by sudden IE slowdown in Web Browsers
Boot Problems...HELP in Windows NT / 2000 / XP

purpleheadedd

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Aug 2005

Permalink

Aug 14th, 2005

Re: Need Help Stumped

Bump. Pls assist.

purpleheadedd

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Aug 2005

Permalink

Aug 14th, 2005

O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - [url]http://Re: Need Help Stumped

Hi,
Download Ewido and install it. Then run, you will receive a warning message saying "Database not found", click "OK" for this. Next in the main screen, click "Update" and click "Start Update". After the update process, exit from Ewido.

Download CCleaner and install it.

Reboot in Safe Mode:-
Restart (or switch ON) the PC.
Then, keep tapping the F8 Key.
From the menu that will be displayed, out of which choose Safe Mode and press Enter.

Run HijackThis and click Do only a System scan.
Then put a check mark infront of below listed entries:-

O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...games_live.cab

Close all other open programs except Hijackthis and click the button Fix Checked in HijackThis.

Exit from HijackThis. Delete this file:-
C:\WINNT\XPsys.exe
C:\DriverLoad\svchost.exe

Run CCleaner:-

Click "Options" button and here go to "Advanced" tab and uncheck the option "Only delete files in Windows Temp folder older than 48 hours".
Click OK to exit from the Options.
Finally click "Run Cleaner" and click "OK" to continue cleaning.

Run Ewido:-

Click on the "Scanner" button in the left menu, then click on the "Start" button.
If ewido finds anything, it will pop up a notification. You can select "Clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
When the scan finishes, click on "Save Report". This will create a text file.

Open Internet Explorer, go to Tools Menu > Internet Options. Here click Programs tab. Then click Reset Web Settings button. Click "Apply" and "OK". Exit from Internet Explorer.

Reboot to Normal Mode. Run HijackThis again, click Do a System scan and save log, and post the fresh log along with the Ewido log.
Post back whether you recive the error when you try to open My Computer or not. Also, do you what is this folder ---> C:\DriverLoad ? What files are there in that folder?

swatkat

Reputation Points: 25

Solved Threads: 51

Practically a Master Poster

Offline

642 posts
since Jul 2005

Permalink

Aug 15th, 2005

Re: Need Help Stumped

Simply amazing. I used both those problems exactly in the order you told me to. And everything seems to work perfect now. No more popups, no more errors, Flawless. Great work swatkat!!

New Logs
______________

Logfile of HijackThis v1.99.1
Scan saved at 5:09:00 PM, on 8/14/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\slserv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [DWHeartbeatMonitor] C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1124063524872
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe

Ewido
_________________

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 4:38:03 PM, 8/14/2005
+ Report-Checksum: 59EF4707

+ Scan result:

C:\0xf9.exe -> TrojanDownloader.Apher : Cleaned with backup
C:\all.exe -> TrojanDownloader.Delf.ia : Cleaned with backup
:mozilla.12:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.13:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.14:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.15:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.16:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.26:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.27:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.28:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.30:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.67:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.71:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.72:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.73:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.78:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.79:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.80:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.81:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.82:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.84:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.85:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.86:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.87:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.93:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.96:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.98:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.101:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.112:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.113:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.114:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.115:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.117:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.121:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.122:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.127:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.128:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.129:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.130:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.131:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.132:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.133:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.134:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.135:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.136:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.137:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.138:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.139:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.140:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.141:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.142:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.143:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.144:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.145:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.146:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.147:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.148:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.149:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.151:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.152:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.153:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.154:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.178:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.181:C:\Documents and Settings\George\Application Data\Mozilla\Profiles\default\izxju9wr.slt\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\George\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-7fe6e43c-18acc7a9.class -> Trojan.Java.ClassLoader.f : Cleaned with backup
C:\Documents and Settings\George\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-649054b4-505001fa.class -> Trojan.ClassLoader.Dummy.d : Cleaned with backup
C:\Documents and Settings\George\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-2b2ef6f1-62d95a9c.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\George\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-57911cca-50f8e661.class -> Trojan.Byteverify : Cleaned with backup
C:\Documents and Settings\George\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-58757bc4-7ef98a11.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@ad.adition[1].txt -> Spyware.Cookie.Adition : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz11.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz3.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz4.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz7.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz8.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@cz9.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@vip.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@www.burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\George\Cookies\george@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\A5BSTCFA\ass[2].html -> Not-A-Virus.Exploit.HTML.Mht : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\A5BSTCFA\new[1].exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\BBXJJ9GS\abiuninst[1].exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\BBXJJ9GS\sex[1].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\BBXJJ9GS\sex[2].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\BBXJJ9GS\xpehbamnow[1].exe -> TrojanDownloader.Apher : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\D40ZLH89\sex[1].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\JREOXD0Y\tl7000[1].dll -> TrojanProxy.Sobit.d : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\KF3FE01D\sex[1].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\KLEBKLUB\xxxmovies[1].cab/99930078.exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\Q17CLKZE\all[1].exe -> TrojanDownloader.Delf.ia : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\Q17CLKZE\lll[1].exe -> Dialer.Generic : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\Q17CLKZE\sex[1].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\Q17CLKZE\thnall4c[1].exe -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\SRF36C9H\index[4].htm -> Not-A-Virus.Exploit.VBS.Phel.a : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\SRF36C9H\sex[1].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\SRF36C9H\sex[2].ani -> Not-A-Virus.Exploit.MS05-002 : Cleaned with backup
C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\SRF36C9H\web[2].htm -> TrojanDownloader.VBS.Psyme.ap : Cleaned with backup
C:\WINNT\14707.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\15758.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\24471.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\29878.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\34141.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\40878.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\46417.exe -> Dialer.Generic : Cleaned with backup
C:\WINNT\47917.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\59927.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\67660.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\72489.exe -> Dialer.Generic : Cleaned with backup
C:\WINNT\80029.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\86950.exe -> Dialer.Generic : Cleaned with backup
C:\WINNT\91007.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\dsr.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\dsr.exe -> Trojan.Imiserv.c : Cleaned with backup
C:\WINNT\yahoo22.exe -> Spyware.Hijacker.Generic : Cleaned with backup

::Report End

purpleheadedd

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Aug 2005

Permalink

Aug 16th, 2005

Re: Need Help Stumped

Hi,
Log looks clean

I am glad that we could help you! If you dont experience any problems, please post back, so that i could mark this thread as "Solved" !

swatkat

Reputation Points: 25

Solved Threads: 51

Practically a Master Poster

Offline

642 posts
since Jul 2005

Permalink

Aug 17th, 2005

Re: Need Help Stumped

Problem Solved go ahead and mark it.

purpleheadedd

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

4 posts
since Aug 2005

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: please review my HJT log and advise on hacktool.rootkit

Next Thread in Viruses, Spyware and other Nasties Forum Timeline: spyware nasty

DaniWeb Message

Cancel Changes

User Name
Password