Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 28.11.2024 / 05:02
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hello can anyone help me please
Show topics
 
Forums
Forums
Hello can anyone help me please
  Jump to:
 
Posted Message
lisa1978
Suspended due to non-functional email address
_ 		25. April 2006 @ 11:20 _ Link to this message    Send private message to this user   
my pc has been running really slow, and for the past few months it keeps restarting on its own, i have tried and tried to sort it but with no luck i have found 2 trogans but its still nowhere as fast as it should be when it restarts i get a microsoft message saying its recovered from a serious error with this message
Virus alert: a virus has been detected on your computer

Thank you for submitting an error report.

Problem description

The error was likely caused by a computer virus that is known by the following names:

* Win32/Apropos.B
* WinNT/Zufyx.A
* Spyware.Apropos.C
* Trojan.Win32.Crypt.t

i have used the online tool they say use which picked up surf acurancy which i have removed from my program lists but it must still be on my pc somewhere, but microsoft cant get rid of it, tried doing it manually with the link on the surf acurancy website but it just reinstalls it,

this is my hijack this log if any help

Logfile of HijackThis v1.99.1
Scan saved at 20:14:40, on 25/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ntl\ntl Netguard\fws.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ntl\ntl Netguard\RPS.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\BBC News alerts\skinkers.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bbmedic.ntlworld.com/medic/tour/bbdemo.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [APZdAt] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cxtpls_loader.exe" /PC=CP.IST2 /SHUN /UNAR="/CTUN" /PC=CP.IST2 /SHUN /UNAR="/CTUN"
O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe"
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BBC News alerts] C:\Program Files\BBC News alerts\skinkers.exe
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/en-us/wlscb...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DBFECB3F-B78F-442E-AE46-4952E6F17545} (Bonusprint Image Uploader Version 3.5) - http://webalbum.bonusprint.com/UK/downloads//ImageUploader3.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
[ + quote]
Advertisement
_ 		__
Eskimo1
Junior Member
_ 		25. April 2006 @ 12:01 _ Link to this message    Send private message to this user   
Try freeware virus remover AVG for free, Spybot search and destroy, and ada-ware personal edition, all avaliable on www.download.com. If they are not able to get rid of the virus or atleast quarentine it then the last ditch efforts would be restore the computer to an earlier date, or CRTL + ALT + DEL and check the processes tab. Sometime viruses/spyware run on ur computer and can be picked up by the task manager, end the task then try to quarentine/delete it. If that dosen't work unfortunately you may be looking at a re-install of ur OS.


[ + quote]
Eskimo!
JaPK
Senior Member
_ 		25. April 2006 @ 21:41 _ Link to this message    Send private message to this user   
@lisa1978
Ok, you got a apropos rootkit infection

Cleaning instructions:

Move HijackThis into its own folder C:\HJT

Go to Control Panel -> Add/Remove programs -> Remove Spyware Cleaner
SpywareCleaner can't be trusted, more information -> http://www.spywarewarrior.com/rogue_anti-spyware.htm

Download aproposfix.exe to your desktop -> http://swandog46.geekstogo.com/aproposfix.exe
Do not use this yet.

Download ATF Cleaner by Atribune to your desktop -> http://www.atribune.org/ccount/click.php?id=1
Do NOT run yet.

Run HijackThis, press Do a system scan only and checkmark these entries: (if found)

O4 - HKLM\..\Run: [APZdAt] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cxtpls_loader.exe" /PC=CP.IST2 /SHUN /UNAR="/CTUN" /PC=CP.IST2 /SHUN /UNAR="/CTUN"
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot

Then close all other windows, (including your browser) and press Fix checked button.

Restart your computer to the safemode -> http://www.pchell.com/support/safemode.shtml

Doubleclick aproposfix.exe and unzip it to your desktop. Open the folder AproposFix from your desktop and run the file RunThis.bat. Follow the instructions.

When it is ready, run ATF Cleaner -> Check select all -> Press Empty selected

Restart your computer normally.

Post a new HijackThis log and the contents of log.txt file (from the AproposFix folder on yuor desktop)

@Eskimo1
Apropos is a rootkit so it needs some special treatment....

[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.

This message has been edited since posting. Last time this message was edited on 25. April 2006 @ 21:43
lisa1978
Suspended due to non-functional email address
_ 		26. April 2006 @ 01:19 _ Link to this message    Send private message to this user   
thankyou

heres my new log

Logfile of HijackThis v1.99.1
Scan saved at 10:13:01, on 26/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ntl\ntl Netguard\fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ntl\ntl Netguard\RPS.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\BBC News alerts\skinkers.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\hjt\HijackThis.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bbmedic.ntlworld.com/medic/tour/bbdemo.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe"
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BBC News alerts] C:\Program Files\BBC News alerts\skinkers.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/en-us/wlscb...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DBFECB3F-B78F-442E-AE46-4952E6F17545} (Bonusprint Image Uploader Version 3.5) - http://webalbum.bonusprint.com/UK/downloads//ImageUploader3.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

and the log from aproposfix folder

Log of AproposFix v1.1

************

Running from directory:
C:\Documents and Settings\Administrator\Desktop\aproposfix

************



Registry entries found:

[HKEY_LOCAL_MACHINE\Software\L5PitAzFgXpDEiEXUC]

[HKEY_LOCAL_MACHINE\Software\L5PitAzFgXpDEiEXUC\CtxPlus]
"TotalAttempts"=dword:00000001
"URL"="http://dl13.contextplus.net/storage/cpi/2.0.30/CP.IST2/<<tr...
"DownloadAttempts"=dword:00000001
"Content-Length"=dword:00191325
"RunAttempts"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\L5PitAzFgXpDEiEXUC\TH]
@=""


************

No service found!

Removing hidden folder:
No folder found!

Deleting files:


Backing up files:
Done!

Removing registry entries:

REGEDIT4

[-HKEY_CURRENT_USER\Software\L5PitAzFgXpDEiEXUC]
[-HKEY_LOCAL_MACHINE\Software\L5PitAzFgXpDEiEXUC]

Done!

Finished!


thankyou Lisa
[ + quote]
JaPK
Senior Member
_ 		26. April 2006 @ 06:29 _ Link to this message    Send private message to this user   
Ok, did you restart your computer into the safe mode before you ran RunThis.bat from AproposFix folder?
[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
lisa1978
Suspended due to non-functional email address
_ 		26. April 2006 @ 06:57 _ Link to this message    Send private message to this user   
yes i did but i couldnt find the spyware cleaner in my add and remove program list
[ + quote]
JaPK
Senior Member
_ 		26. April 2006 @ 07:22 _ Link to this message    Send private message to this user   
Ok, download Blacklight and save it to your desktop http://www.f-secure.com/blacklight/try.shtml

Doubleclick blbeta.exe, accept agreement, click > Scan, then > Next

You'll see a list what have been found. There will appear a log in desktop named fsbl.xxxxxxx.log (xxxxxxx will be random numbers ).

Don't choose Rename if something was found!

Copy and paste this log to your next reply.

And delete this folder -> C:\Program Files\Spyware Cleaner
[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.

This message has been edited since posting. Last time this message was edited on 26. April 2006 @ 07:23
lisa1978
Suspended due to non-functional email address
_ 		26. April 2006 @ 10:15 _ Link to this message    Send private message to this user   
04/26/06 19:08:33 [Info]: BlackLight Engine 1.0.35 initialized
04/26/06 19:08:33 [Info]: OS: 5.1 build 2600 (Service Pack 2)
04/26/06 19:08:34 [Note]: 7019 4
04/26/06 19:08:34 [Note]: 7005 0
04/26/06 19:08:38 [Note]: 7006 0
04/26/06 19:08:38 [Note]: 7011 1624
04/26/06 19:08:39 [Note]: 7026 0
04/26/06 19:08:39 [Note]: 7026 0
04/26/06 19:08:40 [Note]: FSRAW library version 1.7.1015
04/26/06 19:10:11 [Note]: 7007 0


Is the spyware cleaner, named something else, like microsoft or Spybot searcha nd destroy cause i cant find anything just called spyware cleaner

thanks
[ + quote]
JaPK
Senior Member
_ 		26. April 2006 @ 19:27 _ Link to this message    Send private message to this user   
No, if the folder exists it should be named Spyware Cleaner.

Make your hidden files visible -> http://www.bleepingcomputer.com/tutorials/tutorial62.html

Go to My Computer
-> C drive
-> Program Files
-> Delete Spyware Cleaner if found
[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
lisa1978
Suspended due to non-functional email address
_ 		28. April 2006 @ 11:42 _ Link to this message    Send private message to this user   
hello i just done what you said to do and still no joy in finding spyware cleaner
[ + quote]
JaPK
Senior Member
_ 		28. April 2006 @ 21:35 _ Link to this message    Send private message to this user   
Ok if you can't find it, it is ok.

You could do this:

Download and install Ewido, UPDATE it -> http://www.ewido.net/en/download/

Run scan with Ewido, clean what it finds and post the Ewido log to here.

Which version of Limewire are you using?
[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
lisa1978
Suspended due to non-functional email address
_ 		29. April 2006 @ 01:31 _ Link to this message    Send private message to this user   
limewire is 4.8.1 if that helps not sure if thats the version

heres the scan report

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:29:16, 29/04/2006
+ Report-Checksum: 6F944A75

+ Scan result:

:mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.347:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.357:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.384:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.385:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.438:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.467:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.532:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.533:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.539:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.541:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.552:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.554:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.583:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.584:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.585:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.586:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.587:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.588:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.589:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.595:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.608:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\estp8p79.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup


::Report End

thankyou
[ + quote]
Advertisement
_ 		__
 
_
JaPK
Senior Member
_ 		29. April 2006 @ 02:15 _ Link to this message    Send private message to this user   
Ok, Limewire might contain spyware so you should remove it and start using some clean program...

So Go to Control Panel -> Add/Remove programs -> Remove Limewire if found.

Then fix this with HijackThis: (if found)
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

Then delete this folder:
C:\Program Files\LimeWire

More info here -> http://www.spywareinfo.com/articles/p2p

But otherwise you are clean =)
[ + quote]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hello can anyone help me please
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork