please help me clean up my computer (RESOLVED)
-
Re: please help me clean up my computer
-
I'm happy for you that your internet connection is back.
Go to add/remove program and remove:
BearShare
Spy-Ad Exterminator 1.02.2---bad program
Viewpoint Media Player
For your information, spysweeper and spywaredoctor are both good programs but running both can cause conflicts/problems and I suggest you remove one of them.
Never mind Kaspersky for now; do this if you can:
Please download, install, update and scan your system with the free version of Ewido trojan scanner: www.ewido.net/en/download/
1. When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
2. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
3. From the main ewido screen, click on UPDATE in the left menu, then click the Start update button.
4. After the update finishes (the status bar at the bottom will display "Update successful"), click on the Scanner button in the left menu, then click on the Start button. This scan can take quite a while to run.
5. NOTE: During some scans with ewido it is finding cases of false positives.
* You will need to step through the process of cleaning files one-by-one.
* If ewido detects a file you KNOW TO BE LEGITIMATE, select NONE as the action.
* DO NOT select "Perform action on all infections"
* If you are unsure of any entry found SELECT NONE for now.
* When the scan is finished, click the Save report button at the bottom of the screen.
* Save the report to your desktop
6. When the scan finishes, click on "Save Report". This will create a text file. Please then paste the contents of the text file to this thread, along with a new HijackThis log.
Make sure you are set to normal startup. Click Start -> Run -> Type Msconfig -> Press Enter -> make sure Startup is set to Normal.
Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
-
here is my hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 3
36 AM, on 1/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\Root\csrss.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\mscompls.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\My Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneLabs] C:\WINDOWS\system32\Root\csrss.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [System service78] C:\WINDOWS\etb\pokapoka78.exe
O4 - HKLM\..\Run: [stratas] lockx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\UIWatcher.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Lookup on CD - c:\AHD4withThesaurus\ahd.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?link...38&clcid=0x409
O17 - HKLM\System\CS2\Services\Tcpip\..\{3BED031E-0DE2-4ECF-8623-7B665271B162}: NameServer = 192.168.0.1
O20 - Winlogon Notify: doceula - C:\WINDOWS\MICROS~1.NET\doceula.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
Last edited by AhhhChu; 08-01-2006 at 12:28 PM.
-
Gahhh. I dunno why, but my computer's really slow. No, actually just the internet connection. Like, I can't log onto MySpace. I dunno, but do you think it might be because I deleted Yield Manager?
-
And also, when I google on my toolbar, it doesn't even work?
-
Do you think I can just restore my computer way, way, way back and do all this again, just so I might be able to have a better internet connection?
-
Nvm. For some reason I can't restore it.
-
and this is my scan:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 3:07:26 AM, 1/8/2006
+ Report-Checksum: CE5FCCA9
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Ignored
HKLM\SOFTWARE\Classes\CLSID\{38D2A281-0444-433C-9ED6-A2851795F32A} -> Spyware.CosmoPopup : Ignored
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{5E594162-60A9-487D-84B8-DBDD716CB862} -> Spyware.VirtualBouncer : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{E0D3B292-A0B0-4640-975C-2F882E039F52} -> Spyware.AdDestroyer : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Ignored
:mozilla.27:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.28:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.29:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.30:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.31:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.47:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.48:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.49:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.50:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.51:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.52:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.53:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.77:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.78:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.79:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.80:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.81:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.82:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.54:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.55:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
:mozilla.60:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.61:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.62:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.63:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.64:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.65:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.66:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.67:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.68:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.69:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.70:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.71:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.72:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.73:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.74:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.75:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.76:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.77:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.78:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.79:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.80:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.81:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.82:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.83:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.84:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.85:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.86:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Advertising : Ignored
:mozilla.94:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Ignored
:mozilla.99:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Fastclick : Ignored
:mozilla.100:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Fastclick : Ignored
:mozilla.104:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Ignored
:mozilla.105:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Ignored
:mozilla.106:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Bfast : Ignored
:mozilla.108:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.109:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.110:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.111:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.112:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.117:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Adserver : Ignored
:mozilla.118:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Adserver : Ignored
:mozilla.119:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Adserver : Ignored
:mozilla.136:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Burstnet : Ignored
:mozilla.137:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Burstnet : Ignored
:mozilla.138:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.139:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.140:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Valueclick : Ignored
:mozilla.141:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Valueclick : Ignored
:mozilla.142:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.143:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.150:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Targetnet : Ignored
:mozilla.166:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.167:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.176:C:\Documents and Settings\Simon Chu\Application Data\Netscape\NSB\Profiles\7xjdxf9b.default\cookies.txt -> Spyware.Cookie.Coremetrics : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1f79c4c2-34baca53.zip/BlackBox.class -> Trojan.Java.ClassLoader.z : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1f79c4c2-34baca53.zip/Beyond.class -> Downloader.Java.OpenConnection.v : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-2a9b46ed-6df7a346.zip/BlackBox.class -> Trojan.Java.ClassLoader.z : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-2a9b46ed-6df7a346.zip/Beyond.class -> Downloader.Java.OpenConnection.v : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-52a4015b-66da0680.zip/BlackBox.class -> Trojan.Java.ClassLoader.z : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-52a4015b-66da0680.zip/Beyond.class -> Downloader.Java.OpenConnection.v : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-6ad1acec-3e72e969.zip/BlackBox.class -> Trojan.Java.ClassLoader.z : Ignored
C:\Documents and Settings\Simon Chu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-6ad1acec-3e72e969.zip/Beyond.class -> Downloader.Java.OpenConnection.v : Ignored
C:\Documents and Settings\Simon Chu\Local Settings\Application Data\Wildtangent\Cdacache\00\00\1B.dat/files\wtvh.dll -> Spyware.WildTangent : Ignored
C:\Program Files\My Downloads\Win-Spy Eval Setup.exe/7.txt -> Logger.WinSpy.j : Ignored
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5_0001_NI53TESTNetInstaller.exe -> Not-A-Virus.Downloader.Agent.f : Ignored
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_NI53TESTNetInstaller.exe -> Not-A-Virus.Downloader.Agent.f : Ignored
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_NI53VMNetInstaller.exe -> Not-A-Virus.Downloader.Agent.f : Ignored
C:\WINDOWS\system32\NSP.007 -> Not-A-Virus.Monitor.Ardamax.a : Ignored
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\updatev01.exe -> Adware.Saha : Ignored
C:\WINDOWS\system32\updatev03.exe -> Adware.Saha : Ignored
C:\xz.bat -> Trojan.KillProc.a : Ignored
:mozilla.60:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
::Report End
-
Re-scan with Ewido and stay with it and remove what it finds. Only a few things were removed.
Also
Go here to learn how to show hidden files/folders:
http://www.xtra.co.nz/help/0,,4155-1916458,00.html#5
Download Clean.bat to your desktop (Save page as or Save as), for later use to clean out your TEMPORARY and PREFETCH files.
http://www.thatcomputerguy.us/downloads/clean.bat
Run hijackthis and click on scan button and put checks next to these:
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [stratas] lockx.exe
Now reboot into safe mode by tapping your F8 key upon restart. When the safe mode screen appears, select safe mode and press Enter.
Hunt for and delete if present:
C:\Program files\Common files\WinTools < folder
lockx.exe < file
Now run that clean batch file you created earlier, type in 'Y' a couple of times and press enter at the prompts.
Go to Start > Run and type: CLEANMGR.EXE and hit enter.
When prompted select the C: drive and click ok.
Check the boxes for:
Temporary Internet Files
Downloaded Program Files
Recycle Bin
Temporary Files
Click OK or Enter
Reboot normal mode and post a new hijackthis log please.
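
The remark above that only a few things were removed can be read straight off the ewido report, where each result line has the form `object -> detection : action`. The following is an added example, not part of the original posts: the function names are my own, and the sample is a seven-line excerpt of the report posted in this thread. It groups findings by kind and action and lists what was left in place, files and registry keys ahead of cookies.

```python
import re
from collections import Counter
from typing import NamedTuple

# Seven result lines excerpted from the ewido report posted in this thread.
SAMPLE_REPORT = r"""
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 3:07:26 AM, 1/8/2006
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{5E594162-60A9-487D-84B8-DBDD716CB862} -> Spyware.VirtualBouncer : Ignored
:mozilla.27:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Ignored
C:\WINDOWS\system32\NSP.007 -> Not-A-Virus.Monitor.Ardamax.a : Ignored
C:\WINDOWS\system32\updatev01.exe -> Adware.Saha : Ignored
C:\xz.bat -> Trojan.KillProc.a : Ignored
:mozilla.60:C:\Documents and Settings\Simon Chu\Application Data\Mozilla\Firefox\Profiles\onjzv9s6.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
::Report End
"""


class Finding(NamedTuple):
    target: str     # registry key, file path, or ":mozilla.N:<cookies.txt>" entry
    detection: str  # scanner's detection name
    action: str     # what the scanner did, e.g. "Ignored"
    kind: str       # "file", "registry" or "cookie" (our own classification)


# Greedy target so paths containing spaces are kept whole; detection has no spaces.
LINE_RE = re.compile(r"^(?P<target>.+) -> (?P<detection>\S+) : (?P<action>.+)$")
REGISTRY_PREFIXES = ("HKLM\\", "HKCU\\", "HKCR\\", "HKU\\")


def classify(target: str, detection: str) -> str:
    """Bucket a finding so tracking cookies do not drown out files and keys."""
    if ".Cookie." in detection:
        return "cookie"
    if target.upper().startswith(REGISTRY_PREFIXES):
        return "registry"
    return "file"


def parse_report(text: str) -> list:
    """Return one Finding per result line; headers and rulers are skipped."""
    findings = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue  # banner, '+ ...' metadata, '::Report End', blank lines
        target, detection, action = match.group("target", "detection", "action")
        findings.append(Finding(target, detection, action.strip(),
                                classify(target, detection)))
    return findings


def summarize(findings) -> Counter:
    """Count findings per (kind, action) pair."""
    return Counter((f.kind, f.action) for f in findings)


def unresolved(findings) -> list:
    """Findings the scan left in place, files first, then registry, then cookies."""
    order = {"file": 0, "registry": 1, "cookie": 2}
    left = [f for f in findings if f.action.lower() == "ignored"]
    return sorted(left, key=lambda f: order[f.kind])  # stable within each kind


if __name__ == "__main__":
    results = parse_report(SAMPLE_REPORT)
    for (kind, action), count in sorted(summarize(results).items()):
        print(f"{kind:8} {action:20} {count}")
    print("\nStill present after this scan:")
    for f in unresolved(results):
        print(f"  [{f.kind}] {f.detection}: {f.target}")
```
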
-
Do I remove Yield Manager as well? 'Cause when I go on MySpace, I see at the bottom it saying Yield Manager.