|
My Hijack this log
|
|
lost2
Suspended due to non-functional email address
|
2. March 2006 @ 23:37 |
Link to this message
|
Hello I am have followed the steps as wrote to do, however I am still have spy wear on my computer, every time i do a search it deletes the files however when I restart the computer the spy wear is back. I have a little icon in my taskbar in the bottom right-hand side, it is a windows sign, which flashes to a red X, and it also has a bubble, which says
"Your computer is infected possible harmful infection was detected on your pc the system will now download and install the most efficient spy ware removal program to prevent private data loss and your identify theft click here to protect your pc from the biggest spy ware threats"
My hijack this log is below any help would be great thank you in advance
Logfile of HijackThis v1.99.1
Scan saved at 09:06:21, on 03/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\SpyFalcon\SpyFalcon.exe
C:\Program Files\SpyFalcon\SpyFalcon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
D:\hjt\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.co.uk/cd_redirects/wanadoohome R3 - URLSearchHook: (no name) - {6E62342A-8494-AA34-C804-AE98B11DA4CD} - C:\WINDOWS\system32\icehkmf.dll (file missing)
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h
O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/... O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/n... O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123 O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: winbcr32 - winbcr32.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
|
Advertisement
|
|
|
Senior Member
|
3. March 2006 @ 02:32 |
Link to this message
|
Hi, I am working with your log and I'll post you back soon.
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
This message has been edited since posting. Last time this message was edited on 3. March 2006 @ 02:33
|
Senior Member
|
3. March 2006 @ 06:51 |
Link to this message
|
Hi again lost2.
You have a trojan (and also some other malware) in your computer which has disabled your firewall and antivirus (if you had those).
Download one firewall and one antivirus to your desktop but do NOT install those yet because the trojan will disable those too.
These are good (free) firewalls:
ZoneAlarm --> http://www.zonelabs.com Kerio--> http://www.sunbelt-software.com/Kerio.cfm Outpost-> http://www.agnitum.com
These are good (free) antivirus programs:
AVG Antivirus --> http://www.grisoft.com Avast --> http://www.avast.com
Cleaning instructions:
Download smitrem to your desktop. http://noahdfear.geekstogo.com/click%20counter/click.php?id=1 Do NOT run it yet.
Download FixSF.ger to your desktop. http://www.bleepingcomputer.com/files/reg/FixSF.reg Do NOT run it yet.
Update Ewido but do NOT scan yet.
1. Doubleclick smitRem.exe and click Start. Folder named smitrem will apper to your desktop.
2. Doubleclick FixSF.reg file (on your desktop) and answer yes to any questions.
3. Restart your computer to the safe mode (Press F8 button when computer is starting and choose safe mode)
4. Go to the Control Panel -> Add or remove programs -> Search for SpyFalcon and remove it if found
5. It may ask that if you want to restart your computer. DO NOT restart your computer yet.
6.Make your hidden files visible:
->On the Tools menu in Windows Explorer, click Folder Options.
->Click the View tab.
->Under Hidden files and folders, click Show hidden files and folders.
7. Delete these if found:
C:\Program Files\-->SpyFalcon<-- the entire folder
C:\Windows\System32\-->dxmpp.dll<-- file
8.Go to the smitrem folder in your desktop and run RunThis.bat and follow the instructions.
Then, run HijackThis and fix these entries (if found): (Do a system scan only, check entries, close all other windows, press Fix checked)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R3 - URLSearchHook: (no name) - {6E62342A-8494-AA34-C804-AE98B11DA4CD} - C:\WINDOWS\system32\icehkmf.dll (file missing)
O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h
O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O20 - Winlogon Notify: winbcr32 - winbcr32.dll (file missing)
9. Delete these files if found:
C:\WINDOWS\system32\-->icehkmf.dll<--
C:\Program Files\Common Files\Microsoft Shared\Web Folders\-->ibm00001.exe<--
10. Use the Windows "search" function (make sure that you search from hidden files and folders and from system folders too)
Search for this and delete if found: winbcr32.dll
11. Empty the Recycle Bin
12. Make your hidden files invisible again:
->On the Tools menu in Windows Explorer, click Folder Options.
->Click the View tab.
->Under Hidden files and folders, click Do not show hidden files and folders.
12.Scan yor computer with Ewido and save the log file.
13. Install the firewall that you downloaded earlier.
14. Install the antivirus that you downloaded earlier.
15. Restart your computer normally.
16. Run HijackThis and post its fresh log and Ewido's log to here so we can see if you computer is now clean.
That trojan that you had on your computer also steals information so I suggest that you visit here:
http://www.dslreports.com/faq/10451
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
This message has been edited since posting. Last time this message was edited on 3. March 2006 @ 06:58
|
lost2
Suspended due to non-functional email address
|
3. March 2006 @ 11:08 |
Link to this message
|
thank you so much for your help so far. the little bubble thing has no gone. do you know how i can restart my windows firewall once again thank you so very much
here is my Hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 21:01:47, on 03/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
D:\hjt\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\64e2437d95199b5524dcb427cff47e97\update\update.exe
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/... O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/n... O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
and Ewido's log
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 20:33:23, 03/03/2006
+ Report-Checksum: AD40A8BB
+ Scan result:
:mozilla.12:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned without backup
:mozilla.14:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.15:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.16:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.20:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.21:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.22:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Falkag : Cleaned without backup
:mozilla.27:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Overture : Cleaned without backup
:mozilla.28:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Overture : Cleaned without backup
:mozilla.46:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.47:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.48:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.49:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.50:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.51:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.52:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.53:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.55:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.70:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned without backup
:mozilla.71:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
:mozilla.81:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned without backup
:mozilla.84:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Adviva : Cleaned without backup
:mozilla.94:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.95:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.96:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.104:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.108:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned without backup
:mozilla.125:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned without backup
:mozilla.130:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Com : Cleaned without backup
:mozilla.133:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned without backup
:mozilla.151:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.166:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Spylog : Cleaned without backup
:mozilla.168:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.177:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.190:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Yadro : Cleaned without backup
:mozilla.193:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Goclick : Cleaned without backup
:mozilla.194:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lxbl3fon.default\cookies.txt -> TrackingCookie.Onestat : Cleaned without backup
C:\Program Files\SpyFalcon -> Adware.SpyFalcon : Cleaned without backup
::Report End
|
Advertisement
|
|
|
Senior Member
|
4. March 2006 @ 00:04 |
Link to this message
|
You're welcome lost2. Your log is now clean :)
There is no need for you to start the windows firewall because you already have Kerio running. Kerio is many times better than the windows firewall.
Running two program based firewalls usually causes problems. So don't start windows firewall, your computer is safe with Kerio firewall.
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
|
|