Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » HijackThis Log(RESOLVED)

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

HijackThis Log(RESOLVED)

Reply
Page 1 of 2 1 2
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 12-10-2006, 03:14 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 6
rockyh89 Is a beginner here at D-A-L
HijackThis Log(RESOLVED)
Hi,
I am having trouble with popups of two kinds. In the first, internet explorer windows pop up one after another until it reaches a certain number, and it takes over the screen, about 100 or so. Also, I have a popup that says i have visited certain sites that are harmful, download this etc.
I hope this helps
The following is my Hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 10:04:51 PM, on 11/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\unlocker\UnlockerAssistant.ex e
C:\WINDOWS\System32\svchost.exe
c:\program files\common files\aol\1158533557\ee\aolsoftware.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\ewido anti-malware\oldewido.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 205.196.83.17:80
F2 - REG:system.ini: UserInit=userinit.exe,ngokfit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\PROGRA~1\COMMON~1\unlocker\UnlockerAssistant.e xe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_18.exe
O4 - HKLM\..\Run: [defender] c:\\dfndrff_e.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1158533557\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O18 - Protocol: bw+0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Thank you so much in advance.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 12-10-2006, 09:29 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: HijackThis Log
Welcome,



Download AVG anti-spyware from HERE and save that file to your desktop. Different from the AVG you have.

This is a 30 day trial of the program
  1. Once you have downloaded AVG anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
  2. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'. Right click on ewido in the system tray and uncheck "Start with Windows".
  3. Go to Start > Run and type: services.msc
  4. Press "OK".
  5. In Services, click the "Extended tab" and scroll down the list to find AVG anti-spyware 7.5 guard.
  6. When you find the guard service, double-click on it.
  7. In the Properties Window > General Tab that opens, click the "Stop" button.
  8. From the drop-down menu next to "Startup Type", click on "Manual".
  9. Now click "Apply", then "OK" and close the Services window.
  10. Once the setup is complete you will need run AVG anti-spyware and update the definition files.
  11. On the main screen select the icon "Update" then select the "Update now" link.
  12. Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    If you are having problems with the updater, manually update with the AVG anti-spyware Full database installer from here.
[*]Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.[*]Once in the Settings screen click on "Recommended actions" and then select "Quarantine".[*]Under "Reports"
  • Select "Automatically generate report after every scan"
  • Un-Select "Only if threats were found"
Close AVG anti-spyware Do Not run a scan yet.
Click My Computer, then C:\
In the menu bar, File->New->Folder.
That will create a folder named New Folder, which you can rename to "BFU"

Please download Brute Force Uninstaller to your desktop.
  • Right click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to,
  • Click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C or whatever your primary drive is
  • Click "Make New Folder"
  • Type in BFU
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

Do not run the Uninstaller and the Remover yet.

Please reboot into Safemode:
Turn on the computer.
Immediately begin tapping the F8 key.
Use the arrow keys to highlight Safe Mode and press the Enter key.
  • Lauch AVG anti-spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • ewido will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system. Make sure to remember where you save that file.
Now close AVG anti-spyware..

Open My Computer and navigate to the c:\BFU folder. Start the Brute Force Uninstaller by doubleclicking BFU.exe

Behind the scriptline to execute field click the folder icon and select alcanshorty.bfu

Press execute and let it do its job.

Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.


Post a new hijackthis log
Post the AVG anti-spyware log

thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Last edited by Neal; 12-10-2006 at 09:31 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 13-10-2006, 07:04 PM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 6
rockyh89 Is a beginner here at D-A-L
Re: HijackThis Log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:12:33 AM 11/12/2006

+ Scan result:



C:\Program Files\VIA\mehow.exe -> Adware.Agent : Ignored.
C:\WINDOWS\aeebmrmb.exe -> Adware.BookedSpace : Ignored.
HKU\S-1-5-21-117609710-823518204-682003330-1003\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Ignored.
HKU\S-1-5-21-117609710-823518204-682003330-1003_Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Ignored.
C:\WINDOWS\system32ftuninst.exe -> Adware.Linkmaker : Ignored.
C:\WINDOWS\system32\chkdsk.dll -> Adware.PurityScan : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[1].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[2].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[3].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[4].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[5].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[6].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[7].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[8].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[9].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[10].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[11].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[12].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[13].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[14].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[1].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[2].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[3].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[4].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[5].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[6].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[7].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[8].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CD2FGH6V\popup[9].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[1].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[2].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[3].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[4].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[5].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[6].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[7].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[8].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[1].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[2].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[3].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[4].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[5].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[6].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[7].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[8].htm -> Hijacker.Agent.a : Ignored.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[9].htm -> Hijacker.Agent.a : Ignored.
C:\Program Files\Microsoft Office\memeh.html -> Hijacker.Small.jf : Ignored.
C:\Program Files\Microsoft.NET\popokyxov.html -> Hijacker.Small.jf : Ignored.
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP255\A0066530.exe -> Hijacker.VB.ly : Ignored.
:mozilla.50:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.51:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.52:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.53:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.54:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@adbrite[2].txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Ignored.
:mozilla.426:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.427:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.428:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.429:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.62:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.63:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.466:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstbeacon : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Ignored.
:mozilla.100:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.467:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@burstnet[1].txt -> TrackingCookie.Burstnet : Ignored.
:mozilla.392:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickhype : Ignored.
:mozilla.115:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.116:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.117:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.118:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.119:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.120:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.352:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
:mozilla.353:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@c.enhance[2].txt -> TrackingCookie.Enhance : Ignored.
:mozilla.139:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Esomniture : Ignored.
:mozilla.57:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.58:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.59:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : Ignored.
:mozilla.77:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Falkag : Ignored.
:mozilla.440:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.441:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.442:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.443:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
:mozilla.444:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@www.myaffiliateprogra m[1].txt -> TrackingCookie.Myaffiliateprogram : Ignored.
:mozilla.302:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Revenue : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@banners.searchingboot h[2].txt -> TrackingCookie.Searchingbooth : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@searchingbooth[2].txt -> TrackingCookie.Searchingbooth : Ignored.
:mozilla.309:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.310:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.311:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.312:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.313:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.97:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored.
:mozilla.174:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
:mozilla.175:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
:mozilla.455:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@h.starware[1].txt -> TrackingCookie.Starware : Ignored.
:mozilla.324:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.325:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.326:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.327:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.328:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.329:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.330:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.331:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored.
:mozilla.334:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.335:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.336:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
:mozilla.400:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@tacoda[2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Ignored.
:mozilla.376:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yadro : Ignored.
:mozilla.388:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.389:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.390:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.391:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\Keith\Cookies\keith@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignored.
:mozilla.381:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.382:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
:mozilla.383:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Ignored.
C:\WINDOWS\system32\1024 -> Trojan.Small : Ignored.
C:\WINDOWS\system32\1024\ld5F50.tmp -> Trojan.Small : Ignored.


::Report end

Logfile of HijackThis v1.99.1
Scan saved at 11:48:10 AM, on 11/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 205.196.83.17:80
F2 - REG:system.ini: UserInit=userinit.exe,ngokfit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\PROGRA~1\COMMON~1\unlocker\UnlockerAssistant.e xe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1158533557\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O18 - Protocol: bw+0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

These are my logs, and again Thank you so much.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 14-10-2006, 12:12 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: HijackThis Log
You did not quarantine everyhting AVG found like the instructions said. So plesae re-scan and quarantine all. Thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 17-10-2006, 11:42 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 6
rockyh89 Is a beginner here at D-A-L
Re: HijackThis Log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:38:44 AM 11/16/2006

+ Scan result:



C:\Program Files\VIA\mehow.exe -> Adware.Agent : No action taken.
C:\WINDOWS\aeebmrmb.exe -> Adware.BookedSpace : No action taken.
HKU\S-1-5-21-117609710-823518204-682003330-1003\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : No action taken.
HKU\S-1-5-21-117609710-823518204-682003330-1003_Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : No action taken.
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP280\A0077626.exe -> Adware.Linkmaker : No action taken.
C:\WINDOWS\system32\chkdsk.dll -> Adware.PurityScan : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[5].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[6].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[7].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[5].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[5].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[4].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[5].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[3].htm -> Hijacker.Agent.a : No action taken.
C:\Program Files\Microsoft Office\memeh.html -> Hijacker.Small.jf : No action taken.
C:\Program Files\Microsoft.NET\popokyxov.html -> Hijacker.Small.jf : No action taken.
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP255\A0066530.exe -> Hijacker.VB.ly : No action taken.
:mozilla.180:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.181:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.341:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.342:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.343:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.79:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.80:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.81:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.82:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.83:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.84:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.216:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.77:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.78:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.43:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.44:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.45:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.46:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.47:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.48:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@clickbank[1].txt -> TrackingCookie.Clickbank : No action taken.
:mozilla.567:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.389:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.390:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.391:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.392:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.393:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.394:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.540:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.541:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.184:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Com : No action taken.
:mozilla.245:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.246:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.247:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.248:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@adservices6.enhance[1].txt -> TrackingCookie.Enhance : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@c.enhance[1].txt -> TrackingCookie.Enhance : No action taken.
:mozilla.410:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.344:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.356:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.601:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.602:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.603:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.604:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.605:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@www.myaffiliateprogra m[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.159:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.160:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.17:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@banners.searchingboot h[2].txt -> TrackingCookie.Searchingbooth : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@searchingbooth[1].txt -> TrackingCookie.Searchingbooth : No action taken.
:mozilla.233:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.234:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.235:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.236:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.237:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.238:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.284:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.285:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.433:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.434:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.616:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@h.starware[1].txt -> TrackingCookie.Starware : No action taken.
:mozilla.197:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.200:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.201:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.202:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.203:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.204:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.205:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.206:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.207:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.103:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.104:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.56:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.57:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.58:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.59:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@anat.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@login.tracking101[1].txt -> TrackingCookie.Tracking101 : No action taken.
:mozilla.110:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Trafic : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@web-stat[1].txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.262:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.73:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.74:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.75:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.76:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Keith\Cookies\keith@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.560:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.561:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.562:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : No action taken.
C:\WINDOWS\system32\1024 -> Trojan.Small : No action taken.
C:\WINDOWS\system32\1024\ld5F50.tmp -> Trojan.Small : No action taken.


::Report end


Logfile of HijackThis v1.99.1
Scan saved at 6:39:24 AM, on 11/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1158533557\ee\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
F2 - REG:system.ini: UserInit=userinit.exe,ngokfit.exe
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web

Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web

Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\PROGRA~1\COMMON~1\unlocker\UnlockerAssistant.e xe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1158533557\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O18 - Protocol: bw+0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f

"%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 17-10-2006, 11:22 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: HijackThis Log
It says "no action taken", you must quarantine, instructions explain how to do that from my post. Thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 18-10-2006, 12:04 PM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 6
rockyh89 Is a beginner here at D-A-L
Re: HijackThis Log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:01:09 AM 11/17/2006

+ Scan result:



C:\Program Files\VIA\mehow.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\aeebmrmb.exe -> Adware.BookedSpace : Cleaned with backup (quarantined).
HKU\S-1-5-21-117609710-823518204-682003330-1003\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-117609710-823518204-682003330-1003_Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP280\A0077626.exe -> Adware.Linkmaker : Cleaned with backup (quarantined).
C:\WINDOWS\system32\chkdsk.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[6].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[7].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[6].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[7].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Program Files\Microsoft Office\memeh.html -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Program Files\Microsoft.NET\popokyxov.html -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP255\A0066530.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.171:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.331:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.332:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.333:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.78:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.79:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.80:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.81:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.82:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.83:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.206:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.76:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.77:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.47:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.48:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.49:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.50:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.51:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.557:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.379:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.380:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.381:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.382:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.383:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.384:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.530:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.531:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.174:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.235:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.236:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.237:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.238:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@adservices6.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.400:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.334:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.346:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.591:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.592:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.593:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.594:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.595:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@server.lon.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@www.myaffiliateprogra m[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.152:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.153:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.32:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@banners.searchingboot h[2].txt -> TrackingCookie.Searchingbooth : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@searchingbooth[2].txt -> TrackingCookie.Searchingbooth : Cleaned.
:mozilla.223:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.224:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.225:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.226:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.227:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.228:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.274:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.275:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.423:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.424:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.606:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@h.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.187:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.190:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.191:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.192:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.193:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.194:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.195:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.197:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.19:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.21:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.22:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.27:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.105:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Trafic : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.252:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.72:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.73:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.74:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.75:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.550:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.551:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.552:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld5F50.tmp -> Trojan.Small : Cleaned with backup (quarantined).


::Report end---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:01:09 AM 11/17/2006

+ Scan result:



C:\Program Files\VIA\mehow.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\aeebmrmb.exe -> Adware.BookedSpace : Cleaned with backup (quarantined).
HKU\S-1-5-21-117609710-823518204-682003330-1003\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-117609710-823518204-682003330-1003_Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP280\A0077626.exe -> Adware.Linkmaker : Cleaned with backup (quarantined).
C:\WINDOWS\system32\chkdsk.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\412B0TQB\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[6].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\6LW3UT65\popup[7].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\852VOP2R\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\85Y3G1E7\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\87NFI0X9\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8T6RW16F\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\8XYZCD2F\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CDQ3G5IV\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\CLQR4L67\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\SHUJK9MZ\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[2].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[3].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[4].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[5].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[6].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\UZIJQD6N\popup[7].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Program Files\Microsoft Office\memeh.html -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\Program Files\Microsoft.NET\popokyxov.html -> Hijacker.Small.jf : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{A71C4701-4ECB-4074-8BFC-1927E3958F20}\RP255\A0066530.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.171:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.331:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.332:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.333:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.78:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.79:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.80:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.81:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.82:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.83:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.206:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.76:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.77:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.47:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.48:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.49:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.50:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.51:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.557:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.379:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.380:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.381:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.382:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.383:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.384:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.530:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.531:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.174:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.235:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.236:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.237:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.238:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@adservices6.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.400:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.334:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.346:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.591:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.592:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.593:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.594:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.595:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@server.lon.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@www.myaffiliateprogra m[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
:mozilla.152:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.153:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.32:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@banners.searchingboot h[2].txt -> TrackingCookie.Searchingbooth : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@searchingbooth[2].txt -> TrackingCookie.Searchingbooth : Cleaned.
:mozilla.223:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.224:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.225:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.226:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.227:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.228:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.274:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.275:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.423:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.424:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
:mozilla.606:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@h.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.187:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.190:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.191:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.192:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.193:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.194:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.195:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.197:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.19:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.21:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.22:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.27:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.105:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Trafic : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.252:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.72:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.73:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.74:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.75:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Keith\Cookies\keith@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.550:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.551:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.552:C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\1nepp4ay.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024\ld5F50.tmp -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

Logfile of HijackThis v1.99.1
Scan saved at 7:02:01 AM, on 11/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1158533557\ee\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
F2 - REG:system.ini: UserInit=userinit.exe,ngokfit.exe
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\PROGRA~1\COMMON~1\unlocker\UnlockerAssistant.e xe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1158533557\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O18 - Protocol: bw+0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 19-10-2006, 12:46 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: HijackThis Log
Excellent, thanks for that.


Looks like you have Ewido and AVG anti-spyware and they are basically the same except AVG is a little better then Ewido. We need to disable them temporarily for the hijackthis fixes below.



Please disable AVG Anti-Spyware temporarily.

1. Open AVG Anti-Spyware and click on Shield.
2. Make sure the "Resident Shield is.." option is Inactive
3. Close the tool - You can re-enable it after your computer is clean


ewido

1. Open ewido by double-clicking the yellow 'e' icon in the system tray.
2. In the 'Your security status' section, toggle the ewido Guard realtime protection 'off' by clicking 'active' which will then change the protection status to 'inactive'.
3. When you reboot, ewido will prompt you as to whether you would like to "Restart the guard?".
4. Reply 'no' and set it to 'inactive' for the duration of your cleanup.


Run hijackthis and click on scan button and put checks next to these:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com-Did you set this yourself as start page? If not fix it.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
F2 - REG:system.ini: UserInit=userinit.exe,ngokfit.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com-Same as above

O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazz....cab?refid=1123


Nothing open but hijackthis and click on fix checked


Come back and post a new hijackthis log and tell me how your computer is behaving now. Thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Last edited by Neal; 19-10-2006 at 12:49 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 19-10-2006, 02:49 AM
Newbie
D-A-L Newbie
  
Join Date: Oct 2006
Posts: 6
rockyh89 Is a beginner here at D-A-L
Re: HijackThis Log
K

Logfile of HijackThis v1.99.1
Scan saved at 9:46:36 PM, on 11/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1158533557\ee\aolsoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HJT\HijackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O18 - Protocol: bw+0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {69DEEC5E-DC98-4486-8989-78D38D97F286} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 19-10-2006, 03:13 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: HijackThis Log
How is your computer behaving now?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hijackthis log(RESOLVED) Kizzmit5 Spyware, Adware, Viruses and HijackThis Logs 25 30-01-2006 11:06 PM
HijackThis Log(RESOLVED) jjde86 Spyware, Adware, Viruses and HijackThis Logs 9 20-12-2005 10:45 AM
HijackThis log (Resolved) wph Spyware, Adware, Viruses and HijackThis Logs 10 05-11-2004 10:28 PM
HijackThis Log (Resolved) fr_jack Spyware, Adware, Viruses and HijackThis Logs 6 03-09-2004 09:40 PM
Hijackthis.log - Help if you can (Resolved) Malanca Spyware, Adware, Viruses and HijackThis Logs 10 03-08-2004 02:59 PM


All times are GMT +1. The time now is 08:45 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav