0

Recents escapades with "Red circles", followed by relentless attacks of unwanted "items" (one session with AdAware revealed 82 extras !!), like recent encounter with Alexa, found by AdAware (gave me some chills, reading description) and EzuLa, found by Spyware hunter 2.0, but not (I think) HijackThis and AdAware (logs posted below), made me much more serious about computer protection.

I downloaded all Critical Updates, but now I just don't know what other tools to download and use, just too many of them, having multiple tools makes me wonder about possible conflicts between them, therefore I'm kindly asking this community for advice on a perfect essential pack of those free real-time detection and removal tools:

- Win98SE OS, AP - laptop WLAN connection, ADSL. I have Norton AV 5.02.04 installed and AdAware 1.06 free version without AdWatch. Please give me some hints:

- Personal firewall ?
- Anti-spyware ?
- Anti-malware ?
- Did I forget something, like NAV5.0 no good and should I get something else ?

Recent posts:

Log Contents provided by Enigma Software Group, Inc.
###########################Runnning Processes DATA###########################
processName = C:\WINDOWS\SYSTEM\KERNEL32.DLL File Size = 55296 File Path = C:\WINDOWS\SYSTEM\USER32.DLL ModuleMD5 = a35c00929e92697fc943116f14cfe2c2
processName = C:\WINDOWS\SYSTEM\MSGSRV32.EXE File Size = 45056 File Path = C:\WINDOWS\SYSTEM\CFGMGR32.DLL ModuleMD5 = 570017a206d3bec656e2f275120e534e
processName = C:\WINDOWS\SYSTEM\MPREXE.EXE File Size = 81920 File Path = C:\WINDOWS\SYSTEM\MSNP32.DLL ModuleMD5 = 9dc8ac67ca154703a2561e24540e30f5
processName = C:\WINDOWS\SYSTEM\MMTASK.TSK File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = 375b0813980ae17dcc689e913ab9dd7b
processName = C:\WINDOWS\SYSTEM\MSTASK.EXE File Size = 6416 File Path = C:\WINDOWS\SYSTEM\MSIDLE.DLL ModuleMD5 = 26bd5df330fc606c534a8151d7f3af95
processName = C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE File Size = 471040 File Path = C:\WINDOWS\SYSTEM\KERNEL32.DLL ModuleMD5 = 375b0813980ae17dcc689e913ab9dd7b
processName = C:\WINDOWS\EXPLORER.EXE File Size = 98304 File Path = C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\MSCORLD.DLL ModuleMD5 = 05a716610d8a3cf709d790ffbe802b35
processName = C:\WINDOWS\TASKMON.EXE File Size = 28672 File Path = C:\WINDOWS\TASKMON.EXE ModuleMD5 = f795110611101279aa15997801abaca0
processName = C:\WINDOWS\SYSTEM\SYSTRAY.EXE File Size = 147456 File Path = C:\WINDOWS\SYSTEM\USBUI.DLL ModuleMD5 = 48bb1f700db4f6e3aa93badca18ecf5c
processName = C:\WINDOWS\SYSTEM\IRMON.EXE File Size = 135168 File Path = C:\WINDOWS\SYSTEM\IRMON.EXE ModuleMD5 = 06607bd392a972f46a26b323edd733d3
processName = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE File Size = 43520 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE ModuleMD5 = 33355993e43ca867c9ca2b3be9238805
processName = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE File Size = 47616 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE ModuleMD5 = 93fc0fcecd1975233ecf6a1c4296ce8c
processName = C:\WINDOWS\SYSTEM\ATICWD32.EXE File Size = 36864 File Path = C:\WINDOWS\SYSTEM\ATIMPPIF.DLL ModuleMD5 = 0a12c7b36cda33a8c14066f0a2a4bed4
processName = C:\WINDOWS\SYSTEM\ATITASK.EXE File Size = 14336 File Path = C:\WINDOWS\SYSTEM\ATITADEF.RSC ModuleMD5 = 1c994c2b11e4fd4756013736311c2a47
processName = C:\WINDOWS\SYSTEM\FPDISP3A.EXE File Size = 210944 File Path = C:\WINDOWS\SYSTEM\FPDISP3A.EXE ModuleMD5 = 1bc7046133e0a8aa9f151302053131be
processName = C:\WINDOWS\SYSTEM\SPOOL32.EXE File Size = 36864 File Path = C:\WINDOWS\SYSTEM\MSPP32.DLL ModuleMD5 = 3e4a377d4fd175ddde49c04fd812d2ed
processName = C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE File Size = 245760 File Path = C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE ModuleMD5 = 4a5a77c063122021a3579dc7007c25c1
processName = C:\WINDOWS\SYSTEM\INTERNAT.EXE File Size = 24576 File Path = C:\WINDOWS\SYSTEM\INDICDLL.DLL ModuleMD5 = 2e3dfedcf410f0878b7453bc884d3d3f
processName = C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE File Size = 1930240 File Path = C:\WINDOWS\SYSTEM\MSI.DLL ModuleMD5 = 065235089c3cadee6e77c42ccd87250d
processName = C:\WINDOWS\SYSTEM\USBMONIT.EXE File Size = 32768 File Path = C:\WINDOWS\SYSTEM\USBMONIT.EXE ModuleMD5 = 90abf4b2628aaed2cee93297446a6223
processName = C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE File Size = 43520 File Path = C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE ModuleMD5 = fd5cc2461987ba223501c3ec60fbfd2e
processName = C:\PCSYNC\QDCTRAY.EXE File Size = 28672 File Path = C:\PCSYNC\QDCTRAY.EXE ModuleMD5 = 0e4b535454828aa2c0da7a5495c341ac
processName = C:\PROGRAM FILES\PSION\PSIWIN\PSCONSV.EXE File Size = 204800 File Path = C:\PROGRAM FILES\PSION\PSIWIN\PRC32CLI.DLL ModuleMD5 = 5f45b16e497b5b70d510cc9b1479c930
processName = C:\WINDOWS\SYSTEM\DDHELP.EXE File Size = 43520 File Path = C:\WINDOWS\SYSTEM\ATIVPE32.DLL ModuleMD5 = 4f81da00ed9f021e975fbac3f4f61c93
processName = C:\WINDOWS\SYSTEM\WMIEXE.EXE File Size = 16384 File Path = C:\WINDOWS\SYSTEM\WMIEXE.EXE ModuleMD5 = 3dfe9ca6728c02ccd8309dc66b1dfeb1
processName = C:\PROGRAM FILES\PSION\PSIWIN\ELOGERR.EXE File Size = 105984 File Path = C:\PROGRAM FILES\PSION\PSIWIN\PRC32RES.DLL ModuleMD5 = 2341c2c903f2d6ec96e4f822c6de42c2
processName = C:\PROGRAM FILES\NETGEAR\WG511V2\WLANCFG5.EXE File Size = 17920 File Path = C:\WINDOWS\SYSTEM\MSADP32.ACM ModuleMD5 = 97b27a41f9a3ff5de278089f6348529e
processName = C:\PROGRAM FILES\CLICKTOCONVERT\C2CMONITOR.EXE File Size = 1339392 File Path = C:\WINDOWS\SYSTEM\SHDOCVW.DLL ModuleMD5 = a79348b75da190ec91e2ba5ccf5c25be
processName = C:\PROGRAM FILES\SIOL\ADSL\APP\ENTERNET.EXE File Size = 217088 File Path = C:\WINDOWS\SYSTEM\RASAPI32.DLL ModuleMD5 = 42d0948af31f83263291d2c086334793
processName = C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE File Size = 45568 File Path = C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKH.DLL ModuleMD5 = 2775f21110eaf050c4221e84f9534ab1
processName = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER.EXE File Size = 49152 File Path = C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\ESGI_MD5H.DLL ModuleMD5 = 825ef6e7a427885e9d0f1e994c92dc4f
###########################REGISTRY MD5 DATA###########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
Name=ScanRegistry Data=C:\WINDOWS\scanregw.exe /autorun FileSize = 86016 MD5=f123231689e2ab2fa5c636b99314501f
Name=TaskMonitor Data=C:\WINDOWS\taskmon.exe FileSize = 28672 MD5=f795110611101279aa15997801abaca0
Name=SystemTray Data=SysTray.Exe FileSize = 32768 MD5=
Name=IrMon Data=IrMon.exe FileSize = 135168 MD5=
Name=Compaq PK Daemon Data=C:\Program Files\COMPAQ\Programmable Keys 95\CPQKL.EXE FileSize = 43520 MD5=33355993e43ca867c9ca2b3be9238805
Name=Compaq PK Tray Notification Data=C:\Program Files\COMPAQ\Programmable Keys 95\cpqkt.exe FileSize = 47616 MD5=93fc0fcecd1975233ecf6a1c4296ce8c
Name=SynTPLpr Data=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe FileSize = 81920 MD5=d340029a57770a09300892fdece58bc6
Name=SynTPEnh Data=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe FileSize = 180736 MD5=913d160836bccee77e32a0db8ca1b201
Name=AtiCwd32 Data=Aticwd32.exe FileSize = 20992 MD5=
Name=AtiKey Data=Atitask.exe FileSize = 190976 MD5=
Name=FinePrint Dispatcher Data=C:\WINDOWS\SYSTEM\fpdisp3a.exe FileSize = 210944 MD5=1bc7046133e0a8aa9f151302053131be
Name=USB Disk Data=C:\PROGRA~1\ONSPEC\USBDIS~1\FLashKsk.exe FileSize = 245760 MD5=4a5a77c063122021a3579dc7007c25c1
Name=Necutray Data=LEXAREJ0.EXE FileSize = 69699 MD5=
Name=internat.exe Data=internat.exe FileSize = 28672 MD5=
Name=LoadPowerProfile Data=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme FileSize = MD5=
Name=Norton Auto-Protect Data=C:\PROGRA~1\NORTON~3\NAVAPW32.EXE /LOADQUIET FileSize = 42496 MD5=96514acdc0249a071ca6dbb804fb3e37
Name=Gene USB Monitor Data=C:\WINDOWS\SYSTEM\USBMonit.exe FileSize = 32768 MD5=90abf4b2628aaed2cee93297446a6223
Name=CriticalUpdate Data=C:\WINDOWS\SYSTEM\wucrtupd.exe -startup FileSize = 131072 MD5=047d008c28818ff85cd77daede62bc3e
Name=SpyHunter Data=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
FileSize = 2469888 MD5=b0966fa7fbc70d83e6bdbf7257247bff
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEEX>
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
<HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN>
<HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE>
#############################FILE MD5 DATA#############################
<C:\WINDOWS\Start Menu\Programs\StartUp>
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Find Fast.lnk File Size = 0 md5=8384b0a602a02ba02a8ee8d9f2edade8
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\Acrobat Assistant.lnk File Size = 0 md5=1cd82aaa4f4a73237fd3cbfad75043e2
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\PC sync Quick Data Copy.lnk File Size = 0 md5=d4974a4aa874ea836c33f22f12adda56
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\PsiWin 2.3 Connection Server.lnk File Size = 0 md5=730b942c38ae2fcd1e66964e0bc6afa8
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\NETGEAR WG511v2 Wireless Assistant.lnk File Size = 0 md5=02fb61f6e6ac3a1d3205016fdf5f93a5
File Path = C:\WINDOWS\Start Menu\Programs\StartUp\C2CMonitor.lnk File Size = 0 md5=5f75b2820c45015c58bfed4cc328735f
##########################BROWSER ADD-ON DATA##########################
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar>
CLSID = {8E718888-423F-11D2-876E-00A0C9082467} FilePath = C:\WINDOWS\SYSTEM\MSDXM.OCX File Size = 1676800 File MD5 = d3d8b0684ed7a88ffce4956880907827 Description = 0
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {4D5C8C25-D075-11d0-B416-00C04FB90376} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars>
CLSID = {EFA24E64-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be
CLSID = {EFA24E62-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be
CLSID = {EFA24E61-B078-11D0-89E4-00C04FC9E26E} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be
CLSID = {32683183-48a0-441b-a342-7c2a440a9478} FilePath = C:\WINDOWS\SYSTEM\BROWSEUI.DLL File Size = 1017856 File MD5 = 4ccefd261eb9c0481f3eadb60305a07f
<HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects>
CLSID = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} FilePath = C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL File Size = 54248 File MD5 = fc7850324464e4d19a24a03d882b5cc4
<HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions>
CLSID = {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions>
CLSID = CmdMapping FilePath = File Size = 0 File MD5 =
<HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks>
CLSID = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} FilePath = C:\WINDOWS\SYSTEM\SHDOCVW.DLL File Size = 1339392 File MD5 = a79348b75da190ec91e2ba5ccf5c25be Description =
##########################LSP CHAIN DATA##########################
<HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS>
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 Filepath = C:\WINDOWS\SYSTEM\mswsosp.dll File Size = 45056 File MD5 = 2eba36408c384ee019f5057dccaec178
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 Filepath = C:\WINDOWS\SYSTEM\msafd.dll File Size = 45056 File MD5 = a32939baa19bbb961fcf175b67d172e9
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = 22c581bd17d4422bfd294e7b30524709
Sequence Num = SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 Filepath = C:\WINDOWS\SYSTEM\rsvpsp.dll File Size = 40960 File MD5 = 22c581bd17d4422bfd294e7b30524709
##########################UNINSTALL DATA##########################
<HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL>
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InetFind DisplayName = Find... On the Internet
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSJavaVM
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTASK
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress DisplayName = Microsoft Outlook Express 6
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FrontPageExpress
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwave
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Shockwaveflash DisplayName = Macromedia Flash Player 8
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Chl99
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Corel Uninstaller DisplayName = Corel Uninstaller
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton Utilities DisplayName = Norton Utilities 2000 for Windows
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton Web Services DisplayName = Norton Web Services
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveAdvisor DisplayName = LiveAdvisor (Symantec Corporation) InstallLocation = C:\Program Files\Common Files\Symantec Shared\LiveAdvisor
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip DisplayName = WinZip
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Compaq User-Programmable Keys DisplayName = Compaq User-Programmable Keys
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey DisplayName = Synaptics TouchPad
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Norton AntiVirus DisplayName = Norton AntiVirus 5.0 for Windows
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Mach64 Display Driver DisplayName = ATI mach64 Display Driver
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ACDSee 32 DisplayName = ACDSee 32
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40 DisplayName = Microsoft Internet Explorer 6 SP1 and Internet Tools
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE_EXTRA
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Paint Shop Pro 6.0 DisplayName = Paint Shop Pro 6.0 (ESD)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Compaq56VLGlobalInternalModem DisplayName = Compaq 56VL Global Internal Modem
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Office8.0 DisplayName = Microsoft Office 97, Professional Edition
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime 3.0 DisplayName = QuickTime 3.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 4.0 DisplayName = Adobe Acrobat 4.0 InstallLocation = C:\Program Files\Adobe\Acrobat 4.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HTPE3 DisplayName = HyperTerminal Private Edition v5.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\pcANYWHERE32 DisplayName = pcANYWHERE32
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{1727CD47-A408-11d2-AFAD-00C04F72FB3E} DisplayName = VBA InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8814A8F-3B06-11D3-8CD7-00C04F72C04D} DisplayName = Microsoft Visual Studio Service Pack 3 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{BBE93894-6608-11d3-9F6A-006008A88EC8} DisplayName = Microsoft Repository InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{3388E964-4C4F-11D3-9F66-006008A88EC8} DisplayName = Visio 2000 (IE) InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\K12xxComponents DisplayName = Tektronix K12xx Protocol Tester
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WinPcap DisplayName = WinPcap
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\FinePrint DisplayName = FinePrint
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime DisplayName = QuickTime for Windows (16-bit)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\USB Disk 1.00 DisplayName = OnSpec USB Disk
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{A4D7B764-4140-11D4-88EB-0050DA3579C0} DisplayName = Nero - Burning Rom InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\setup DisplayName = setup (Remove only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\128PATCH
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\expinst
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HTMLHelp
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\fontcore
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ADIELangPack
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEREADME
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate1.7 DisplayName = LiveUpdate 1.7 (Symantec Corporation) InstallLocation = C:\Program Files\Symantec\LiveUpdate
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DivXNetworks
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Lettra Art DisplayName = Lettra Art 5.0 By Harshal Mahadevia
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\DIVXCodec DisplayName = DivX Codec 3.1alpha release
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SLD CODEC PACK 1.5.3 DisplayName = SLD CODEC PACK 1.5.3
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8E89E40-984E-11D3-A0DC-00004CE35A6C} DisplayName = Store'n'Go
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows 98 Service Pack 1 DisplayName = Windows 98 Service Pack 1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting DisplayName = NetMeeting 3.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{99D42EC7-652B-4819-B3E6-6450C815E03F} DisplayName = Odyssey Client InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{B93D24B3-928D-4805-B379-4AA47CB3794E} DisplayName = NETGEAR WG511v2 54 Mbps Wireless PC Card InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B93D24B3-928D-4805-B379-4AA47CB3794E} DisplayName = NETGEAR WG511v2 54 Mbps Wireless PC Card InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ADSL DisplayName = ADSL
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{73006B34-9743-4A39-AC37-38EDFCEB6DCE} DisplayName = Adobe Product/Adobe Studio Update 10/2001
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal DisplayName = Ad-Aware SE Personal
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\AdobeESD DisplayName = Adobe Download Manager 1.2 (Remove Only)
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A00000000001} DisplayName = Adobe Reader 6.0.1 InstallLocation = C:\Program Files\Adobe\Acrobat 6.0\Reader\
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{47935855-8323-4340-8502-0DEAB47624BB} DisplayName = Dohodnina 2004 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\GENEUIDE DisplayName = USB Storage Driver
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\PsiWin 2.3 DisplayName = PsiWin 2.3
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2028666-731E-4AE7-B2CC-0A3FB7000C0A} DisplayName = JumpDrive Pro InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\WMP7 DisplayName = Windows Media Player 7.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis DisplayName = HijackThis 1.99.1
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Panda ActiveScan DisplayName = Panda ActiveScan
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Click to Convert / PDF Toolbox DisplayName = Click to Convert / PDF Toolbox
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\VGX
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\ieupdate DisplayName = Internet Explorer Q891781
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\oeupdate DisplayName = Outlook Express Q837009
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\908519 DisplayName = Windows 98 KB908519 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\896358 DisplayName = Windows 98 KB896358 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\888113 DisplayName = Windows 98 Q888113 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\891711 DisplayName = Windows 98 KB891711 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Q823559 DisplayName = Windows 98 Q823559 Update
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft NetShow Player 2.0
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} DisplayName = Microsoft .NET Framework 1.1 InstallLocation =
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Windows Critical Update Notification DisplayName = Microsoft Windows Critical Update Notification
Subkey Name = Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE5B8E34-973C-4FBE-AC83-99F064009FC7} DisplayName = SpyHunter InstallLocation = C:\Program Files\Enigma Software Group\SpyHunter

_________________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 22:22:39, on 04.06.2006
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKL.EXE
C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\CPQKT.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\FPDISP3A.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\ONSPEC\USB DISK\FLASHKSK.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE
C:\PCSYNC\QDCTRAY.EXE
C:\PROGRAM FILES\PSION\PSIWIN\PSCONSV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETGEAR\WG511V2\WLANCFG5.EXE
C:\PROGRAM FILES\CLICKTOCONVERT\C2CMONITOR.EXE
C:\PROGRAM FILES\PSION\PSIWIN\ELOGERR.EXE
C:\PROGRAM FILES\SIOL\ADSL\APP\ENTERNET.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\BOSTJAN\SOFTWARE\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Encyclopćdia Britannica, Inc.
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [IrMon] IrMon.exe
O4 - HKLM\..\Run: [Compaq PK Daemon] C:\Program Files\COMPAQ\Programmable Keys 95\CPQKL.EXE
O4 - HKLM\..\Run: [Compaq PK Tray Notification] C:\Program Files\COMPAQ\Programmable Keys 95\cpqkt.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher] C:\WINDOWS\SYSTEM\fpdisp3a.exe
O4 - HKLM\..\Run: [USB Disk] C:\PROGRA~1\ONSPEC\USBDIS~1\FLashKsk.exe
O4 - HKLM\..\Run: [Necutray] LEXAREJ0.EXE
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~3\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Startup: PC sync Quick Data Copy.lnk = C:\PCSYNC\QDCTRAY.EXE
O4 - Startup: PsiWin 2.3 Connection Server.lnk = C:\Program Files\Psion\PsiWin\Psconsv.exe
O4 - Startup: NETGEAR WG511v2 Wireless Assistant.lnk = C:\Program Files\NETGEAR\WG511v2\wlancfg5.exe
O4 - Startup: C2CMonitor.lnk = C:\Program Files\ClickToConvert\C2CMonitor.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37680.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 193.189.160.23,193.189.160.13

_________________________________________________________

Ad-Aware SE Build 1.06r1
Logfile Created on:4. junij 2006 22:47:10
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R110 31.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):6 total references
Tracking Cookie(TAC index:3):10 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

04.06.2006 22:47:10 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293882147
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright (C) Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294944187
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294947403
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE
#:4 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294939955
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk
#:5 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294845587
Threads : 2
Priority : Normal
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:6 [KB891711.EXE]
FilePath : C:\WINDOWS\SYSTEM\KB891711\
ProcessID : 4294849083
Threads : 1
Priority : Normal
FileVersion : 4.10.2223
ProductVersion : 4.10.2222
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB891711 component
InternalName : KB891711
LegalCopyright : Copyright (C) Microsoft Corp. 1991-2005
OriginalFilename : KB891711.EXE
#:7 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294844131
Threads : 18
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft(R) Windows NT(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE
#:8 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294879263
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright (C) Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
#:9 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294860307
Threads : 2
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE
#:10 [IRMON.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294898303
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft Infrared Support
CompanyName : Microsoft Corporation
FileDescription : Microsoft Infrared Control Panel
InternalName : Infrared
LegalCopyright : © 1998 Microsoft. Portions © Hewlett-Packard
OriginalFilename : irmon.exe
#:11 [CPQKL.EXE]
FilePath : C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\
ProcessID : 4294888675
Threads : 1
Priority : Normal
FileVersion : 1.10.A1
ProductVersion : 1.10.A1
ProductName : Compaq Programmable Keys
CompanyName : Compaq Computer Corporation
FileDescription : Compaq Programmable Keys Daemon Loader App
InternalName : cpqkl
LegalCopyright : Copyright © 1995,1997 Compaq Computer Corporation
OriginalFilename : cpqkl.exe
#:12 [CPQKT.EXE]
FilePath : C:\PROGRAM FILES\COMPAQ\PROGRAMMABLE KEYS 95\
ProcessID : 4294779991
Threads : 1
Priority : Normal
FileVersion : 1.10.D1
ProductVersion : 1.10.D1
ProductName : Compaq Programmable Keys Taskbar Notification
CompanyName : Compaq Computer Corporation
FileDescription : Compaq Programmable Keys Taskbar Notification
InternalName : CPQKT
LegalCopyright : Copyright © 1995,1998 Compaq Computer Corporation
OriginalFilename : cpqkt.exe
Comments : Compaq Programmable Keys Taskbar Notification
#:13 [ATICWD32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294783295
Threads : 2
Priority : Normal
FileVersion : 4.11.2559
ProductVersion : 4.11.2559
ProductName : ATI Technologies Inc.
CompanyName : ATI Technologies Inc.
FileDescription : ATI Common Windows Display Driver Extension
InternalName : ATICWD32
LegalCopyright : Copyright © ATI Technologies Inc., 1998
OriginalFilename : ATICWD32.EXE
#:14 [ATITASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294786167
Threads : 1
Priority : Normal
FileVersion : 4.11.2315
ProductVersion : 4.11.2315
ProductName : ATI Technologies, Inc.
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Application
InternalName : AtiTask
LegalCopyright : Copyright © ATI Technologies Inc. 1998
OriginalFilename : AtiTask
#:15 [FPDISP3A.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294877231
Threads : 1
Priority : Normal
FileVersion : 3.60
ProductVersion : 3.60
ProductName : FinePrint
CompanyName : Single Track Software
FileDescription : FinePrint
InternalName : fpdisp3
LegalCopyright : Copyright (c) 1995-1999 Single Track Software0
OriginalFilename : fpdisp3.exe
#:16 [SPOOL32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294778591
Threads : 2
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright (C) Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:17 [FLASHKSK.EXE]
FilePath : C:\PROGRAM FILES\ONSPEC\USB DISK\
ProcessID : 4294798091
Threads : 1
Priority : Normal
FileVersion : V1.05
ProductVersion : V1.05
ProductName : FlashKiosk Application
CompanyName : CompuApps, Inc.
FileDescription : FlashKiosk Application for the Flash Toaster
InternalName : FlashKiosk
LegalCopyright : Copyright (C) 2000 CompuApps, Inc
OriginalFilename : FlashKsk.EXE
Comments : FlashKiosk
#:18 [INTERNAT.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294814111
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft(R) Windows(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : Keyboard Language Indicator Applet
InternalName : INTERNAT
LegalCopyright : Copyright (C) Microsoft Corp. 1998
OriginalFilename : INTERNAT.EXE
#:19 [NAVAPW32.EXE]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
ProcessID : 4294807331
Threads : 6
Priority : Normal
FileVersion : 5.3.2.50
ProductVersion : 5.3.2.50
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Agent
InternalName : NAVAPW32
LegalCopyright : Copyright (C) Symantec Corporation 1991-1998
OriginalFilename : NAVAPW32.DLL
#:20 [USBMONIT.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294714539
Threads : 1
Priority : Normal
FileVersion : 1, 1, 0, 0
ProductVersion : 1, 1, 0, 0
ProductName : Gene USB Monitor
CompanyName : General
FileDescription : Gene USB Monitor
InternalName : USBMonitor
LegalCopyright : Copyright (C) 2000-2004
OriginalFilename : USBMonit.exe
#:21 [ACROTRAY.EXE]
FilePath : C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\
ProcessID : 4294765175
Threads : 1
Priority : Normal

#:22 [QDCTRAY.EXE]
FilePath : C:\PCSYNC\
ProcessID : 4294770579
Threads : 1
Priority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 1, 0, 1
ProductName : PC sync for Windows
CompanyName : Yellow Computing Computersysteme GmbH
FileDescription : QDCTray
InternalName : QDCTray
LegalCopyright : Yellow Computing Copyright © 1999
OriginalFilename : QDCTray.exe
#:23 [PSCONSV.EXE]
FilePath : C:\PROGRAM FILES\PSION\PSIWIN\
ProcessID : 4294758923
Threads : 2
Priority : Normal
FileVersion : 1, 0, 0, 131
ProductVersion : 1, 0, 0, 1
ProductName : EPOC Connect.
CompanyName : Symbian Ltd.
FileDescription : Connection Manager Application
InternalName : PSCONSV
LegalCopyright : Copyright (C) Symbian Ltd. 1999
LegalTrademarks : EPOC
OriginalFilename : PSCONSV.EXE
#:24 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294711819
Threads : 3
Priority : Normal
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
ProductName : Microsoft(R) Windows NT(R) Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1998
OriginalFilename : wmiexe.exe
#:25 [WLANCFG5.EXE]
FilePath : C:\PROGRAM FILES\NETGEAR\WG511V2\
ProcessID : 4294731179
Threads : 5
Priority : Normal
FileVersion : 3, 1, 4, 300
ProductVersion : 1, 0, 0, 1
ProductName : NetgearCUv2 Application
FileDescription : NetgearCUv2 MFC Application
InternalName : NETGEAR WG511v2 Smart Configuration
LegalCopyright : Copyright (C) 2003
OriginalFilename : NetgearCUv2.EXE
#:26 [C2CMONITOR.EXE]
FilePath : C:\PROGRAM FILES\CLICKTOCONVERT\
ProcessID : 4294680675
Threads : 2
Priority : Normal

#:27 [ELOGERR.EXE]
FilePath : C:\PROGRAM FILES\PSION\PSIWIN\
ProcessID : 4294588531
Threads : 2
Priority : Normal
FileVersion : 1, 0, 0, 17
ProductVersion : 1, 0, 0, 1
ProductName : EPOC Connect.
CompanyName : Symbian Ltd.
FileDescription : logerr MFC Application
InternalName : logerr
LegalCopyright : Copyright (C) Symbian Ltd. 1999
LegalTrademarks : EPOC
OriginalFilename : logerr.EXE
#:28 [ENTERNET.EXE]
FilePath : C:\PROGRAM FILES\SIOL\ADSL\APP\
ProcessID : 4294790951
Threads : 1
Priority : Normal

#:29 [DDHELP.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294418311
Threads : 5
Priority : Realtime
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
ProductName : Microsoft® DirectX for Windows®
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-2002
OriginalFilename : DDHelp.exe
#:30 [AD-AWARE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\
ProcessID : 4294431559
Threads : 2
Priority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@ehg-idg.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:anyuser@ehg-idg.hitbox.com/
Expires : 04.06.2007 22:33:16
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@as-us.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:77
Value : Cookie:anyuser@as-us.falkag.net/
Expires : 04.06.2007 22:37:56
LastSync : Hits:77
UseCount : 0
Hits : 77
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@doubleclick"]anyuser@doubleclick[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:anyuser@doubleclick.net/
Expires : 04.06.2006 22:48:08
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@hitbox"]anyuser@hitbox[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:anyuser@hitbox.com/
Expires : 04.06.2007 22:33:16
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@statcounter"]anyuser@statcounter[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:anyuser@statcounter.com/
Expires : 03.06.2011 13:02:50
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 11

Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@statcounter"]anyuser@statcounter[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@statcounter[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@as-us.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@as-us.falkag[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@doubleclick"]anyuser@doubleclick[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [EMAIL="anyuser@hitbox"]anyuser@hitbox[/EMAIL][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@hitbox[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@ehg-idg.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : c:\WINDOWS\Profiles\vagajan\Cookies\anyuser@ehg-idg.hitbox[1].txt
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16
23:09:41 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:22:31.0
Objects scanned:66899
Objects identified:10
Objects ignored:0
New critical objects:10

3
Contributors
3
Replies
4
Views
11 Years
Discussion Span
Last Post by tayspen
0

Please download Spybot Search & Destroy.

Follow all the instructions on this website to run a scan with both of these softwares.

I know you said you have already ran AdAware, but just to be sure, please make sure you have the latest versions here: AdAware.

Please use the above website, and make sure everything is configured right.


Here is my you are clean speech

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

  1. Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

    You can find instructions on how to enable and reenable system restore here:

    Managing Windows Millenium System Restore

    or

    Windows XP System Restore Guide

    Reenable system restore with instructions from tutorial above

  2. Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialize and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.
  3. Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  4. Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  5. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  6. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  7. Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  8. Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  9. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  10. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

here are some additional utilities that will enhance your safety

  • IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
  • Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
    Using Winpatrol to protect your computer from malicious software
0

Sorry for taking so long to reply, I've been away for a week, but today I finally managed to find so time and do my homework according to your instructions. Here's the outcome:

- AdAware checked for latest version, I already have latest build 1.06. I made all necessary changes to settings.

- Spybot Search&Destroy downloaded, installed and run for any bad things, it didn't find anything alarming, except complete Spyware Hunter, which is no good if you have a free version (no removal tool), so I uninstalled later on manually.

- Anti Virus program: I have Norton AV 5.02.04 that is regulary updated, so I don't see the point of installing another AV program, only if you would recommend one that is more efficient than NAV, so that I would uninstall NAV and replace it with another program.

- Firewall: I chose ZoneLabs Zone Alarm - free version, with all default settings untill I learn more.

- Spyware Blaster: downloaded and installed

- I checked for any new Win98 Microsoft updates

- I made some minor changes in IE / Security / Internet settings, they were pretty much already set as they should be

- Downloaded and installed SpyAd for ZonedOut + ZonedOut Utility

- Downloaded and ran a batch file for MVPS Hosts

Till here everything downloaded and installed smoothly, but then...I downloaded the last recommendation, Winpatrol. When I ran installation, I got "Preparing for.." window, but when it finished preparations, it disappeared and then nothing, 5 minutes still nothing, 15 minutes - nothing, but the machine literally stopped to respond. Everything, like navigating Win Explorer, opening folders, mouse pointer movement, it all worked soooooooooooooo sloooooooooooooow. Somehow I managed to reboot (I could read a book meanwhile) and start installation program again. Same story, so I crawled to Internet and Winpatrol website, trying to find some reasoning for this. And then, just out of the blue...here we go, like a snail - Winpatrol installation. It took half an hour to complete !

As I'm typing this (after another reboot following Winpatrol installation), things are a bit better, but the machine is still staggering (even letters that I type in the Reply text box are not exactly up to my speed), so perhaps this Winpatrol is just that bit too much for my aging laptop.

Thanks for everything, I suppose we can close both threads as solved and answered, the "Red circles" and this one as well. If you would like to add some additional advice regarding my homework (Anti Virus recommendation, Winpatrol problems..), you are most welcome :)

Kind regards

Sebastian

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.