How to remove IntCodec?(RESOLVED)
-
How to remove IntCodec?(RESOLVED)
Somehow I managed to install this little piece of software it said it was needed for Quicktime and the site looked legit so I said alright. While it was installing ZA keep asking me questions and I said allow to most but the part about changing the homepage and stuff I denied.
Now I've got a stupid little question mark in the system tray that pops up every now and then.
http://img177.imageshack.us/my.php?i...hunter3yw2.png
and I try to remove it with spybot it never deletes the actual folder I've tried to clean it with Ewido it never deletes the folder and it's still there even now
what can I do to remove this I downloaded prevx1 because I searched for it and it said this is the only tool that will remove it completely but I haven't used it yet.
-
I used the smtfrd fix and it seems to have removed it completely.
but I'm going to delete all the restore points and then turn it back on.
anything else I should do?
-
Welcome,
Go here http://www.d-a-l.com/help/showthread.php?t=32403
There is a link there for hijackthis, download and install and copy/paste the log back here.
-
Alright, here's the log.
Logfile of HijackThis v1.99.1
Scan saved at 9:49:29 PM, on 9/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: metaspinner GmbH - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~2.DLL
O2 - BHO: metaspinner GmbH - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: amazon Search - C:\Program Files\Buyertools Reminder\Searchamazon.htm
O8 - Extra context menu item: amazon Start Search - C:\Program Files\Buyertools Reminder\Searchamazon.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: eBay - Advanced Search - C:\Program Files\Buyertools Reminder\SearchEbaypower.htm
O8 - Extra context menu item: eBay - Homepage - C:\Program Files\Buyertools Reminder\SearchEbay.htm
O8 - Extra context menu item: eBay - My eBay - C:\Program Files\Buyertools Reminder\SearchEbaymein.htm
O8 - Extra context menu item: eBay Start Search - C:\Program Files\Buyertools Reminder\SearchEbay.htm
O8 - Extra context menu item: Google Search - C:\Program Files\Buyertools Reminder\SearchGoogle.htm
O8 - Extra context menu item: Google Start Search - C:\Program Files\Buyertools Reminder\SearchGoogle.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\common\yinsthelper.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SDEService - Unknown owner - C:\Program Files\Zyl Soft\Shut Down Expert\SDEServ.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
-
HI,
Don't see a thing...
Download and install
Ewido anti-spyware
4.0 (uninstall any previous version first).- Click the Download BUTTON. On the next page click the
Download now BUTTON. - Save and then install (Run) from the save location.
- Open/Run ewido anti-spyware
- Wait a few moments and Ewido should Auto update itself (note date of last
update). If it doesn't update, click the update ICON at top of
screen:
- Click on the Update now LINK at the top of the window
- Click on the Start update button
- Wait for the update to download and install
- This is very important to get the LATEST
updates
- Click on the Status ICON
- Under "Your computers Security"
Click change status on Resident shield to inactive
(ONLY consider activation of that feature once you are
clean)
- Click on the Scanner ICON at the top of the window
- Click on the Settings tab then select Recommended Actions
and choose Quarantine
Close ALL open Windows / Programs / Folders. Please start
Ewido, and run a full scan:
- Click on the default Status ICON and select
the Scan now LINK.
OR
- Click on the Scanner ICON . Select the Scan
TAB.
- Select Complete System Scan. Ewido will now begin to scan your
system.
- If Ewido finds anything it will list them in the Preview WINDOW:
- Make sure that Set all elements to: shows
Quarantine, if not click on the link and choose
Quarantine from the popup menu. - Select Apply all actions at the bottom of the window (and the
items found will be quarantined - and recoverable, if any items are needed
back).
- When the scan has completed, click on the Save Scan Report button
and save the scan to your Desktop where it can be easily found. - Copy and paste the EWIDO scan results into your next
post. - Close Ewido.
Go here BitDefender and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee.
When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit - Select All then copy/paste that log back here. Post back and let us know what it found (post the log).
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
And post a new HJT log also..
-
When you said get a coffee you weren't kidding it took forever for that bitdefender scan to complete.
But anyway here's the ewido log:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 11:16:03 PM 9/12/2006
+ Scan result:
HKU\S-1-5-21-682003330-1303643608-2146954855-1003\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} -> Adware.Generic : Cleaned with backup (quarantined).
:mozilla.220:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.221:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.216:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.217:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.61:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.285:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
:mozilla.62:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.63:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.199:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.282:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.283:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.284:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.312:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.41:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.197:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.198:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.264:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.265:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.267:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.74:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.113:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.114:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.116:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.166:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.167:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.168:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.214:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.215:C:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\km647rve.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
::Report end
and here's the bitdefender scan:
BitDefender Online Scanner
Scan report generated at: Wed, Sep 13, 2006 - 01:51:25
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time
02:30:05
Files
451401
Folders
6646
Boot Sectors
4
Archives
9937
Packed Files
35832
Results
Identified Viruses
1
Infected Files
1
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
1
Engines Info
Virus Definitions
453940
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Detected with: Adware.Softomate.P
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Disinfection failed
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Deleted
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)
Update failed
D:\WINDOWS\system32\wbem\updprov.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\viewprov.dll
Clean
D:\WINDOWS\system32\wbem\wbemads.dll
Clean
D:\WINDOWS\system32\wbem\wbemads.tlb
Clean
D:\WINDOWS\system32\wbem\wbemcntl.dll
Clean
D:\WINDOWS\system32\wbem\wbemcomn.dll
Clean
D:\WINDOWS\system32\wbem\wbemcons.dll
Clean
D:\WINDOWS\system32\wbem\wbemcons.mfl
Clean
D:\WINDOWS\system32\wbem\wbemcons.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wbemcons.mof
Clean
D:\WINDOWS\system32\wbem\wbemcons.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wbemcore.dll
Clean
D:\WINDOWS\system32\wbem\wbemdisp.dll
Clean
D:\WINDOWS\system32\wbem\wbemdisp.tlb
Clean
D:\WINDOWS\system32\wbem\wbemess.dll
Clean
D:\WINDOWS\system32\wbem\wbemperf.dll
Clean
D:\WINDOWS\system32\wbem\wbemprox.dll
Clean
D:\WINDOWS\system32\wbem\wbemsvc.dll
Clean
D:\WINDOWS\system32\wbem\wbemtest.exe
Clean
D:\WINDOWS\system32\wbem\wbemupgd.dll
Clean
D:\WINDOWS\system32\wbem\whqlprov.mof
Clean
D:\WINDOWS\system32\wbem\winmgmt.exe
Clean
D:\WINDOWS\system32\wbem\winmgmtr.dll
Clean
D:\WINDOWS\system32\wbem\wmi.mfl
Clean
D:\WINDOWS\system32\wbem\wmi.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmi.mof
Clean
D:\WINDOWS\system32\wbem\wmi.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmiadap.exe
Clean
D:\WINDOWS\system32\wbem\wmiapres.dll
Clean
D:\WINDOWS\system32\wbem\wmiaprpl.dll
Clean
D:\WINDOWS\system32\wbem\wmiapsrv.exe
Clean
D:\WINDOWS\system32\wbem\wmic.exe
Clean
D:\WINDOWS\system32\wbem\wmiclimofformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmiclitableformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmiclitableformatnosys.xs l
Clean
D:\WINDOWS\system32\wbem\wmiclivalueformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmicookr.dll
Clean
D:\WINDOWS\system32\wbem\wmidcprv.dll
Clean
D:\WINDOWS\system32\wbem\wmimsg.dll
Clean
D:\WINDOWS\system32\wbem\wmipcima.dll
Clean
D:\WINDOWS\system32\wbem\wmipcima.mfl
Clean
D:\WINDOWS\system32\wbem\wmipcima.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipcima.mof
Clean
D:\WINDOWS\system32\wbem\wmipcima.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipdskq.dll
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mfl
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mof
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipicmp.dll
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mfl
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mof
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipiprt.dll
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mfl
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mof
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mof=>(unicode)
Clean
BitDefender Online Scanner
Scan report generated at: Wed, Sep 13, 2006 - 01:51:25
Scan path: A:\;C:\;D:\;E:\;F:\;
Statistics
Time
02:30:05
Files
451401
Folders
6646
Boot Sectors
4
Archives
9937
Packed Files
35832
Results
Identified Viruses
1
Infected Files
1
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
1
Engines Info
Virus Definitions
453940
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Detected with: Adware.Softomate.P
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Disinfection failed
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)=>lzma_solid_nsis0003
Deleted
C:\Documents and Settings\Crown Ambassador\My Documents\Downloads\Compressed\TextAloud Mp3.rar=>Free Popup Blocker.exe=>(NSIS o)
Update failed
D:\WINDOWS\system32\wbem\updprov.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\viewprov.dll
Clean
D:\WINDOWS\system32\wbem\wbemads.dll
Clean
D:\WINDOWS\system32\wbem\wbemads.tlb
Clean
D:\WINDOWS\system32\wbem\wbemcntl.dll
Clean
D:\WINDOWS\system32\wbem\wbemcomn.dll
Clean
D:\WINDOWS\system32\wbem\wbemcons.dll
Clean
D:\WINDOWS\system32\wbem\wbemcons.mfl
Clean
D:\WINDOWS\system32\wbem\wbemcons.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wbemcons.mof
Clean
D:\WINDOWS\system32\wbem\wbemcons.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wbemcore.dll
Clean
D:\WINDOWS\system32\wbem\wbemdisp.dll
Clean
D:\WINDOWS\system32\wbem\wbemdisp.tlb
Clean
D:\WINDOWS\system32\wbem\wbemess.dll
Clean
D:\WINDOWS\system32\wbem\wbemperf.dll
Clean
D:\WINDOWS\system32\wbem\wbemprox.dll
Clean
D:\WINDOWS\system32\wbem\wbemsvc.dll
Clean
D:\WINDOWS\system32\wbem\wbemtest.exe
Clean
D:\WINDOWS\system32\wbem\wbemupgd.dll
Clean
D:\WINDOWS\system32\wbem\whqlprov.mof
Clean
D:\WINDOWS\system32\wbem\winmgmt.exe
Clean
D:\WINDOWS\system32\wbem\winmgmtr.dll
Clean
D:\WINDOWS\system32\wbem\wmi.mfl
Clean
D:\WINDOWS\system32\wbem\wmi.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmi.mof
Clean
D:\WINDOWS\system32\wbem\wmi.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmiadap.exe
Clean
D:\WINDOWS\system32\wbem\wmiapres.dll
Clean
D:\WINDOWS\system32\wbem\wmiaprpl.dll
Clean
D:\WINDOWS\system32\wbem\wmiapsrv.exe
Clean
D:\WINDOWS\system32\wbem\wmic.exe
Clean
D:\WINDOWS\system32\wbem\wmiclimofformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmiclitableformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmiclitableformatnosys.xs l
Clean
D:\WINDOWS\system32\wbem\wmiclivalueformat.xsl
Clean
D:\WINDOWS\system32\wbem\wmicookr.dll
Clean
D:\WINDOWS\system32\wbem\wmidcprv.dll
Clean
D:\WINDOWS\system32\wbem\wmimsg.dll
Clean
D:\WINDOWS\system32\wbem\wmipcima.dll
Clean
D:\WINDOWS\system32\wbem\wmipcima.mfl
Clean
D:\WINDOWS\system32\wbem\wmipcima.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipcima.mof
Clean
D:\WINDOWS\system32\wbem\wmipcima.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipdskq.dll
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mfl
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mof
Clean
D:\WINDOWS\system32\wbem\wmipdskq.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipicmp.dll
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mfl
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mof
Clean
D:\WINDOWS\system32\wbem\wmipicmp.mof=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipiprt.dll
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mfl
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mfl=>(unicode)
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mof
Clean
D:\WINDOWS\system32\wbem\wmipiprt.mof=>(unicode)
Clean
here's the hijack this list:
µTorrent
Ad-Aware SE Personal
Adobe Photoshop CS
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.0.8
Adobe® Photoshop® Album Starter Edition 3.0
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Ares 1.9.0
AT&T Labs' Natural Voices - Desktop 1.4
AT&T Self Support Tool
Auction Auto Bidder
Audacity 1.2.4
Avanquest update
AVG Free Edition
BroadJump Client Foundation
Buyertools Reminder
CardRd81
CCHelp
CCleaner (remove only)
CCScore
CivCity
CR2
DeadAIM
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTUTOR
ESSvpaht
ESSvpot
ewido anti-spyware 4.0
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
HLPSFO
Insaniquarium Deluxe 1.0
Internet Download Manager
J2SE Runtime Environment 5.0 Update 6
Kodak EasyShare software
KSU
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft Reader
Microsoft Rise Of Nations
Microsoft Text-to-Speech Engine 4.0 (English)
Motorola Phone Tools
Mozilla Firefox (1.5.0.6)
MP3 Player Utilities 4.00
MSXML4 Parser
Need for Speed™ Most Wanted
Nero OEM
News Rover
Notifier
NVIDIA Drivers
OfotoXMI
Opera 9.01
OTtBP
OTtBPSDK
PCDLNCH
PeerGuardian 2.0
QuickTime
RapidCheck v0.3
Real Alternative 1.48
Realtek AC'97 Audio
San Andreas Mod Installer
San Andreas Mod Installer
SFR
SFR2
Shareaza version 2.2.1.0
Shut Down Expert 4.89
Spybot - Search & Destroy 1.4
Trojan Remover 6.4.9
TrojanHunter 4.2
TuneUp Utilities 2006
Turbo Lister 2
TVUPlayer 2.2.0
Tweak UI
VCAMCEN
VideoLAN VLC media player 0.8.4a
Virtual Villagers (remove only)
VPRINTOL
Windows Media Format Runtime
Windows Media Player 10
WinRAR archiver
WinWay Resume - Express Edition
Wisdom-soft ScreenHunter 4.0 Free
XP Codec Pack
ZoneAlarm Pro
Last edited by PlatinumMoto; 13-09-2006 at 08:07 AM.
-
why didn't AVG find these?
-
What is your computer doing now?
-
what do you mean what is it doing now? Do you mean am I having any more problems? if yes, then no I don't have that icon in the taskbar and I haven't had any problems.
-
That's what I meant. Everything OK then?
