AtPartners.inf?? Hijack This Log(RESOLVED)
-
AtPartners.inf?? Hijack This Log(RESOLVED)
When I run my Norton Antivirus Scan it says I have a virus called AtPartners.inf but it can't delete it. Hopefully you cats can help me.
Here is my Hijack This Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:15:06 PM, on 12/26/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE -r
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (User 'Default user')
O4 - .DEFAULT Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: LimeShop Preferences - file://c:\Program Files\topMoxie\TEMP\limeshop_script.htm�
�
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O15 - Trusted Zone: *.corning-cc.edu
O16 - DPF: Yahoo! MLB StatTracker - http://aud8.sports.yahoo.com/java/y/mlbst8250_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/posb_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst3_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/game...ts/y/wt0_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {A221AC20-294F-11D5-890B-0090278F1040} (ygsm Class) - http://phone.yahoo.com/plugin/ygsmcom7.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct0_x.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
--
End of file - 9539 bytes
And here is the Uninstall List from HiJack This:
Adaptec DirectCD
Adaptec Easy CD Creator 4
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Photoshop 6.0
Adobe SVG Viewer
Adobe Type Manager 4.1
AOL Instant Messenger
Caesar 3
CoralEurobetPoker
Creative PlayCenter
Dell ResourceCD
Digital Camera Suite
Electronic Arts Game Updater
ESPNMotion
EverQuest
EverQuest: Planes of Power
EverQuest: Shadows of Luclin
EverQuest: SOV
Google Toolbar for Internet Explorer
HijackThis 2.0.2
HP DeskJet 830C Series (Remove only)
HyperLoad
IE Host
IntelliMP3 3.03 (remove only)
Internet Explorer Q903235
Internet Explorer Q916281
Japanese Language Support
Java 2 Runtime Environment Standard Edition v1.3.1_03
Kazaa Media Desktop 2.1.1
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash 4
Macromedia Flash Player 8
MaxSpeed
Memorex 6136 U Scanner Driver
MGI PhotoSuite 8.1 (Remove Only)
MGI PhotoSuite III SE (Remove Only)
MGI VideoWave III (Remove Only)
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Golf CD-ROM Version 2.0
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Windows Critical Update Notification
Morpheus Preview Edition
MSN Gaming Zone
Need For Speed II
Network Play System (Patching)
Norton Internet Security 2005 (Symantec Corporation)
NVIDIA Display Driver
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Outlook Express Q837009
PartyPoker
PharaohDemo
Poker Tracker Version 2.04.00
PokerPages Software
QuickTime
RealDownload
RealPlayer
RichFX Player
Shockwave
Sound Blaster Live! Value
SpyBlast
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Windows 98 KB891711 Update
Windows 98 KB896358 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player 7.1
WinZip
Worms Armageddon
Yahoo! Messenger
Thanks so much for the help.
-
You have Kaaza and it needs to go before we do anything else:
First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing Kazaa.
Next, download KazaaBegone.zip, and unzip it to a convenient location.
Run KazaaBegone- Double click KazaaBegone from where you unzipped it.
- Select Search & destroy all installed components
- Click Go
- Close KazaaBegone
In the event that you lose Internet access after removing Kazaa, please double-click LSPFix.exe that you downloaded earlier. Check the "I know what I'm doing" button. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.
-
Alright...I didn't even know Kazaa was on my computer. It hasn't been used in years. I didn't lose internet connection so I suppose that is good. Anyway with that done, here's my new Hijack This log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:22:52 PM, on 12/28/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE -r
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (User 'Default user')
O4 - .DEFAULT Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: LimeShop Preferences - file://c:\Program Files\topMoxie\TEMP\limeshop_script.htm�
�
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O15 - Trusted Zone: *.corning-cc.edu
O16 - DPF: Yahoo! MLB StatTracker - http://aud8.sports.yahoo.com/java/y/mlbst8250_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/posb_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst3_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/game...ts/y/wt0_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {A221AC20-294F-11D5-890B-0090278F1040} (ygsm Class) - http://phone.yahoo.com/plugin/ygsmcom7.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct0_x.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
--
End of file - 9481 bytes
And the Uninstall programs list:
Adaptec DirectCD
Adaptec Easy CD Creator 4
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Photoshop 6.0
Adobe SVG Viewer
Adobe Type Manager 4.1
AOL Instant Messenger
Caesar 3
CoralEurobetPoker
Creative PlayCenter
Dell ResourceCD
Digital Camera Suite
Electronic Arts Game Updater
ESPNMotion
EverQuest
EverQuest: Planes of Power
EverQuest: Shadows of Luclin
EverQuest: SOV
Google Toolbar for Internet Explorer
HijackThis 2.0.2
HP DeskJet 830C Series (Remove only)
HyperLoad
IE Host
IntelliMP3 3.03 (remove only)
Internet Explorer Q903235
Internet Explorer Q916281
Japanese Language Support
Java 2 Runtime Environment Standard Edition v1.3.1_03
Kazaa Media Desktop 2.1.1
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash 4
Macromedia Flash Player 8
MaxSpeed
Memorex 6136 U Scanner Driver
MGI PhotoSuite 8.1 (Remove Only)
MGI PhotoSuite III SE (Remove Only)
MGI VideoWave III (Remove Only)
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Golf CD-ROM Version 2.0
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Windows Critical Update Notification
Morpheus Preview Edition
MSN Gaming Zone
Need For Speed II
Network Play System (Patching)
Norton Internet Security 2005 (Symantec Corporation)
NVIDIA Display Driver
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Outlook Express Q837009
PartyPoker
PharaohDemo
Poker Tracker Version 2.04.00
PokerPages Software
QuickTime
RealDownload
RealPlayer
RichFX Player
Shockwave
Sound Blaster Live! Value
SpyBlast
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Windows 98 KB891711 Update
Windows 98 KB896358 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player 7.1
WinZip
Worms Armageddon
Yahoo! Messenger
Strange how it still says Kazaa on that list. Is that alright, or did I do something wrong? Thanks much.
-
Did kazzabegone indicate that it found and removed anything?
Go here for an online trojan scanner that works with win 98:
http://www.windowsecurity.com/trojanscan/
Let me know if the trojan scan found anything and if it was deleted please.
-
Yes, the Kazaabegone got rid of a bunch of things. I ran it again just to be sure it worked and the second time it came up with no files so it must have worked.
I tried running that scanner twice and each time my whole computer froze after scanning only 779 files. At that point it had found 36 objects detected though. I could still move my mouse but nothing I did would open anything on screen. Even control alt delete didn't work. The file it was scanning at the time it froze was called:
HKEY_LOCAL_MACHINE\software\...\uninstall\hotbarc
I don't know if that helps at all.
Thanks
-
I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:- Run Spybot-S&D
- Go to the Mode menu, and make sure "Advanced Mode" is selected
- On the left hand side, choose Tools -> Resident
- Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.
Thats good on kazabegone, let's go a little different route, instead of an online scan see if you can download/install and run Super Anti-spyware program.
It is a tremendous bug killing tool:
Please download and install SUPERAntiSpyware Trial Pro Edition http://www.superantispyware.com/superantispyware.html
* Load SUPERAntiSpyware and click the Check for Updates button.
* Once the update has finished, exit SUPERAntiSpyware. Please do NOT run a scan yet!
IMPORTANT: Do NOT open any other windows or programs while SUPERAntiSpyware is scanning, it may interfere with the scanning process.
* Open SUPERAntiSpyware and click the Scan your Computer button.
* Check Perform Complete Scan and then click Next.
* SUPERAntiSpyware will now scan your computer and when it’s finished it will list all the infections it has found.
* Make sure that they all have a check next to them, and then click Next.
* Click Finish and you will be taken back to the main interface.
* It could be possible that it will ask you to reboot your computer in order to delete some files after reboot.
* I'll need a log afterwards of what has been found.
* To get the log, click Preferences and then click the Statistics/Logs tab. Click the dated log and press View Log and a text file will appear.
* Please post the results of the [color=blue]SUPERAntiSpyware[/b] log in your next reply.
-
Alright, that scan worked wonderfully. Here's the log for that:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 12/29/2007 at 04:42 PM
Application Version : 3.9.1008
Core Rules Database Version : 3370
Trace Rules Database Version: 1365
Scan type : Complete Scan
Total Scan Time : 00:58:31
Memory items scanned : 249
Memory threats detected : 0
Registry items scanned : 3554
Registry threats detected : 21
File items scanned : 18339
File threats detected : 297
Adware.Viewpoint Toolbar
HKLM\Software\Classes\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\InProcServer32
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\InProcServer32#ThreadingModel
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\ProgID
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\Programmable
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\VersionIndependentProgID
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}\TypeLib
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
HKCR\ViewBar.ViewBar.1
HKCR\ViewBar.ViewBar.1\CLSID
HKCR\ViewBar.ViewBar
HKCR\ViewBar.ViewBar\CLSID
HKCR\ViewBar.ViewBar\CurVer
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\FLAGS
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\HELPDIR
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\0
HKCR\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}\1.0\0\win32
Adware.Tracking Cookie
C:\WINDOWS\Cookies\jrubin@mediaonenetwork[1].txt
C:\WINDOWS\Cookies\jrubin@xiti[1].txt
C:\WINDOWS\Cookies\jrubin@ads.expedia[2].txt
C:\WINDOWS\Cookies\jrubin@bookfinder[3].txt
C:\WINDOWS\Cookies\jrubin@atdmt[2].txt
C:\WINDOWS\Cookies\anyuser@www.counter[2].txt
C:\WINDOWS\Cookies\anyuser@ads.expedia[1].txt
C:\WINDOWS\Cookies\jrubin@rotator.dex.adjuggler[1].txt
C:\WINDOWS\Cookies\anyuser@52580280[2].txt
C:\WINDOWS\Cookies\anyuser@burstnet[2].txt
C:\WINDOWS\Cookies\anyuser@1070475745[2].txt
C:\WINDOWS\Cookies\anyuser@toplist[1].txt
C:\WINDOWS\Cookies\jrubin@windowsmedia[4].txt
C:\WINDOWS\Cookies\jrubin@pph[1].txt
C:\WINDOWS\Cookies\jrubin@www.peoplefinders[1].txt
C:\WINDOWS\Cookies\jrubin@50715070[2].txt
C:\WINDOWS\Cookies\jrubin@burstnet[1].txt
C:\WINDOWS\Cookies\anyuser@calbears.findarticles[2].txt
C:\WINDOWS\Cookies\jrubin@www.findarticles[2].txt
C:\WINDOWS\Cookies\jrubin@adopt.specificclick[3].txt
C:\WINDOWS\Cookies\anyuser@dcsnklj1021e5hyjjvlbw91 mq_3x1w[1].txt
C:\WINDOWS\Cookies\jrubin@mb[3].txt
C:\WINDOWS\Cookies\jrubin@ez-tracks[3].txt
C:\WINDOWS\Cookies\jrubin@anad.tacoda[1].txt
C:\WINDOWS\Cookies\jrubin@admarketplace[2].txt
C:\WINDOWS\Cookies\jrubin@nextag[4].txt
C:\WINDOWS\Cookies\anyuser@dist.belnk[2].txt
C:\WINDOWS\Cookies\jrubin@data4.perf.overture[1].txt
C:\WINDOWS\Cookies\jrubin@adrevolver[3].txt
C:\WINDOWS\Cookies\anyuser@nextag[2].txt
C:\WINDOWS\Cookies\anyuser@www.0stats[2].txt
C:\WINDOWS\Cookies\jrubin@www.ticketsnow[3].txt
C:\WINDOWS\Cookies\jrubin@www.ez-tracks[4].txt
C:\WINDOWS\Cookies\jrubin@acvs.mediaonenetwork[1].txt
C:\WINDOWS\Cookies\jrubin@adinterax[2].txt
C:\WINDOWS\Cookies\jrubin@tacoda[2].txt
C:\WINDOWS\Cookies\jrubin@adrevolver[1].txt
C:\WINDOWS\Cookies\jrubin@ads.addesktop[1].txt
C:\WINDOWS\Cookies\jrubin@www.ticketsnow2[4].txt
C:\WINDOWS\Cookies\jrubin@superstats[3].txt
C:\WINDOWS\Cookies\jrubin@checkstat[2].txt
C:\WINDOWS\Cookies\anyuser@30322322[2].txt
C:\WINDOWS\Cookies\jrubin@server.lon.liveperson[2].txt
C:\WINDOWS\Cookies\jrubin@S131010[1].txt
C:\WINDOWS\Cookies\jrubin@83227003[2].txt
C:\WINDOWS\Cookies\jrubin@counter.inkfrog[1].txt
C:\WINDOWS\Cookies\jrubin@partner2profit[2].txt
C:\WINDOWS\Cookies\jrubin@azjmp[2].txt
C:\WINDOWS\Cookies\jrubin@cgi-bin[2].txt
C:\WINDOWS\Cookies\anyuser@belnk[1].txt
C:\WINDOWS\Cookies\jrubin@S119874[2].txt
C:\WINDOWS\Cookies\jrubin@zedo[1].txt
C:\WINDOWS\Cookies\jrubin@findarticles[2].txt
C:\WINDOWS\Cookies\jrubin@0.afs.googleadservices[1].txt
C:\WINDOWS\Cookies\jrubin@doubleclick[1].txt
C:\WINDOWS\Cookies\jrubin@network.realmedia[2].txt
C:\WINDOWS\Cookies\jrubin@mediaplex[2].txt
C:\WINDOWS\Cookies\anyuser@richmedia.yahoo[2].txt
C:\WINDOWS\Cookies\jrubin@findlaw[1].txt
C:\WINDOWS\Cookies\jrubin@tracking.search4careerco lleges[1].txt
C:\WINDOWS\Cookies\jrubin@image.masterstats[1].txt
C:\WINDOWS\Cookies\jrubin@dcsn42u4k11e5hyzziz7zntl 5_1j8l[1].txt
C:\WINDOWS\Cookies\jrubin@ads.as4x.tmcs[2].txt
C:\WINDOWS\Cookies\jrubin@ads.pointroll[2].txt
C:\WINDOWS\Cookies\jrubin@nbads[2].txt
C:\WINDOWS\Cookies\jrubin@parentingteens.about[1].txt
C:\WINDOWS\Cookies\anyuser@screensavers[2].txt
C:\WINDOWS\Cookies\jrubin@www.clicksmart[1].txt
C:\WINDOWS\Cookies\anyuser@azjmp[1].txt
C:\WINDOWS\Cookies\anyuser@cgi-bin[2].txt
C:\WINDOWS\Cookies\jrubin@vhost.oddcast[2].txt
C:\WINDOWS\Cookies\jrubin@spamblockerutility[1].txt
C:\WINDOWS\Cookies\anyuser@try.screensavers[1].txt
C:\WINDOWS\Cookies\jrubin@S005-01-3-21-233869-62030[2].txt
C:\WINDOWS\Cookies\jrubin@atwola[7].txt
C:\WINDOWS\Cookies\jrubin@sales.liveperson[1].txt
C:\WINDOWS\Cookies\jrubin@server3.web-stat[1].txt
C:\WINDOWS\Cookies\jrubin@www.keepmedia[2].txt
C:\WINDOWS\Cookies\anyuser@i.screensavers[1].txt
C:\WINDOWS\Cookies\jrubin@ecnext.advertserve[1].txt
C:\WINDOWS\Cookies\jrubin@kanoodle[3].txt
C:\WINDOWS\Cookies\jrubin@adv.webmd[3].txt
C:\WINDOWS\Cookies\anyuser@xiti[2].txt
C:\WINDOWS\Cookies\anyuser@www.burstbeacon[1].txt
C:\WINDOWS\Cookies\jrubin@icc.intellisrv[3].txt
C:\WINDOWS\Cookies\jrubin@v7.stats.load[2].txt
C:\WINDOWS\Cookies\anyuser@www.ez-tracks[1].txt
C:\WINDOWS\Cookies\anyuser@www.ticketsnow[1].txt
C:\WINDOWS\Cookies\anyuser@stats[1].txt
C:\WINDOWS\Cookies\jrubin@ads.bridgetrack[1].txt
C:\WINDOWS\Cookies\jrubin@gostats[1].txt
C:\WINDOWS\Cookies\jrubin@mb[2].txt
C:\WINDOWS\Cookies\jrubin@ad.cnetym.cnet[2].txt
C:\WINDOWS\Cookies\anyuser@anat.tacoda[2].txt
C:\WINDOWS\Cookies\jrubin@ads.ratemyprofessors[2].txt
C:\WINDOWS\Cookies\jrubin@cgi-bin[1].txt
C:\WINDOWS\Cookies\jrubin@advertising[1].txt
C:\WINDOWS\Cookies\jrubin@pitchforkmedia[2].txt
C:\WINDOWS\Cookies\anyuser@ecnext.advertserve[1].txt
C:\WINDOWS\Cookies\jrubin@adlegend[1].txt
C:\WINDOWS\Cookies\jrubin@1069132318[1].txt
C:\WINDOWS\Cookies\jrubin@ehg-pharmacia.hitbox[1].txt
C:\WINDOWS\Cookies\jrubin@ehg-bestbuy.hitbox[1].txt
C:\WINDOWS\Cookies\jrubin@xos.adbureau[2].txt
C:\WINDOWS\Cookies\jrubin@statcounter[1].txt
C:\WINDOWS\Cookies\anyuser@ez-tracks[2].txt
C:\WINDOWS\Cookies\jrubin@cgi-bin[3].txt
C:\WINDOWS\Cookies\anyuser@anad.tacoda[2].txt
C:\WINDOWS\Cookies\jrubin@login.tracking101[1].txt
C:\WINDOWS\Cookies\jrubin@ticketsnow[1].txt
C:\WINDOWS\Cookies\jrubin@specificclick[2].txt
C:\WINDOWS\Cookies\jrubin@webstats4u[1].txt
C:\WINDOWS\Cookies\jrubin@eyewonder[1].txt
C:\WINDOWS\Cookies\jrubin@hitbox[2].txt
C:\WINDOWS\Cookies\jrubin@caselaw.lp.findlaw[1].txt
C:\WINDOWS\Cookies\jrubin@12975_300x600_112907_Dis cover_HPFV_1206[1].txt
C:\WINDOWS\Cookies\jrubin@S005-00-5-30-109972-12434[3].txt
C:\WINDOWS\Cookies\jrubin@html[3].txt
C:\WINDOWS\Cookies\jrubin@collective-media[2].txt
C:\WINDOWS\Cookies\jrubin@ads.xtramsn.co[1].txt
C:\WINDOWS\Cookies\anyuser@adopt.specificclick[1].txt
C:\WINDOWS\Cookies\jrubin@bannerads[1].txt
C:\WINDOWS\Cookies\jrubin@ads.adbrite[2].txt
C:\WINDOWS\Cookies\jrubin@greatgamesexperiment[1].txt
C:\WINDOWS\Cookies\jrubin@1.adbrite[1].txt
C:\WINDOWS\Cookies\jrubin@fcoweb[1].txt
C:\WINDOWS\Cookies\anyuser@partner2profit[2].txt
C:\WINDOWS\Cookies\jrubin@richmedia.yahoo[2].txt
C:\WINDOWS\Cookies\jrubin@ukvisas[1].txt
C:\WINDOWS\Cookies\jrubin@bannerads.zwire[1].txt
C:\WINDOWS\Cookies\jrubin@stats.sphere[1].txt
C:\WINDOWS\Cookies\jrubin@www.burstbeacon[6].txt
C:\WINDOWS\Cookies\jrubin@anat.tacoda[2].txt
C:\WINDOWS\Cookies\jrubin@ad.yieldmanager[2].txt
C:\WINDOWS\Cookies\jrubin@media.adrevolver[2].txt
C:\WINDOWS\Cookies\jrubin@smileycentral[1].txt
C:\WINDOWS\Cookies\jrubin@tribalfusion[2].txt
C:\WINDOWS\Cookies\jrubin@ad[3].txt
C:\WINDOWS\Cookies\jrubin@statse.webtrendslive[1].txt
c:\WINDOWS\Cookies\jrubin@tracker[1].txt
c:\WINDOWS\Cookies\jrubin@stats.klsoft[1].txt
c:\WINDOWS\Cookies\jrubin@superstats[1].txt
c:\WINDOWS\Cookies\jrubin@atwola[2].txt
c:\WINDOWS\Cookies\jrubin@ads.adbrite[1].txt
c:\WINDOWS\Cookies\jrubin@atwola[3].txt
c:\WINDOWS\Cookies\jrubin@windowsmedia[3].txt
c:\WINDOWS\Cookies\jrubin@epilot[1].txt
c:\WINDOWS\Cookies\jrubin@ads2.ah-ha[1].txt
c:\WINDOWS\Cookies\jrubin@statsxxx[1].txt
c:\WINDOWS\Cookies\jrubin@media[7].txt
c:\WINDOWS\Cookies\jrubin@www.partypoker[2].txt
c:\WINDOWS\Cookies\jrubin@metareward[4].txt
c:\WINDOWS\Cookies\jrubin@media[2].txt
c:\WINDOWS\Cookies\jrubin@titan.offshoreclicks[1].txt
c:\WINDOWS\Cookies\jrubin@counter.mtree[1].txt
c:\WINDOWS\Cookies\jrubin@windowsmedia[1].txt
c:\WINDOWS\Cookies\jrubin@www.nextag[1].txt
c:\WINDOWS\Cookies\jrubin@clickaction[1].txt
c:\WINDOWS\Cookies\jrubin@members.tripod[2].txt
c:\WINDOWS\Cookies\jrubin@anewcreation0.tripod[2].txt
c:\WINDOWS\Cookies\jrubin@www.overture[1].txt
c:\WINDOWS\Cookies\jrubin@cmikehardy.tripod[1].txt
c:\WINDOWS\Cookies\jrubin@www.mediadevil[1].txt
c:\WINDOWS\Cookies\jrubin@redhotcp.tripod[1].txt
c:\WINDOWS\Cookies\jrubin@www.findit-quick[1].txt
c:\WINDOWS\Cookies\jrubin@www.clickheretofind[2].txt
c:\WINDOWS\Cookies\jrubin@www.clickxchange[1].txt
c:\WINDOWS\Cookies\jrubin@tracking.cashpartner[2].txt
c:\WINDOWS\Cookies\jrubin@adorigin[1].txt
c:\WINDOWS\Cookies\jrubin@ads.amusive[1].txt
c:\WINDOWS\Cookies\jrubin@ads.belointeractive[1].txt
c:\WINDOWS\Cookies\jrubin@livestats.mediaclay[1].txt
c:\WINDOWS\Cookies\jrubin@banner1.inet-traffic[1].txt
c:\WINDOWS\Cookies\jrubin@metareward[1].txt
c:\WINDOWS\Cookies\jrubin@www.ticketsnow2[2].txt
c:\WINDOWS\Cookies\jrubin@ads.cdnow[1].txt
c:\WINDOWS\Cookies\jrubin@ads.linksponsor[2].txt
c:\WINDOWS\Cookies\jrubin@ads.as4x.tmcs.ticketmast er[1].txt
c:\WINDOWS\Cookies\jrubin@mediamgr.ugo[2].txt
c:\WINDOWS\Cookies\jrubin@adorigin[3].txt
c:\WINDOWS\Cookies\jrubin@serve.thisbanner[2].txt
c:\WINDOWS\Cookies\jrubin@media[5].txt
c:\WINDOWS\Cookies\jrubin@ads.adorigin[2].txt
c:\WINDOWS\Cookies\jrubin@media[4].txt
c:\WINDOWS\Cookies\jrubin@cz4.clickzs[2].txt
c:\WINDOWS\Cookies\jrubin@www.ticketsnow2[1].txt
c:\WINDOWS\Cookies\jrubin@macromedia[1].txt
c:\WINDOWS\Cookies\jrubin@metareward[2].txt
c:\WINDOWS\Cookies\jrubin@windowsmedia[2].txt
c:\WINDOWS\Cookies\jrubin@cz9.clickzs[1].txt
c:\WINDOWS\Cookies\jrubin@banner1.inet-traffic[3].txt
c:\WINDOWS\Cookies\jrubin@ads.vortextraffic[1].txt
c:\WINDOWS\Cookies\jrubin@www.about2find[2].txt
c:\WINDOWS\Cookies\jrubin@ads.mm.ap[1].txt
c:\WINDOWS\Cookies\jrubin@mediamgr.ugo[3].txt
c:\WINDOWS\Cookies\jrubin@tracking.cashpartner[1].txt
c:\WINDOWS\Cookies\jrubin@livestats.mediaclay[3].txt
c:\WINDOWS\Cookies\jrubin@ads.as4x.tmcs.ticketmast er[2].txt
c:\WINDOWS\Cookies\jrubin@www.a2zwordfinder[1].txt
c:\WINDOWS\Cookies\jrubin@ads2.leaderofthedot[2].txt
c:\WINDOWS\Cookies\jrubin@specificpop[1].txt
c:\WINDOWS\Cookies\jrubin@offeroptimizer[1].txt
c:\WINDOWS\Cookies\jrubin@click.absoluteagency[2].txt
c:\WINDOWS\Cookies\jrubin@www.budsinc[2].txt
c:\WINDOWS\Cookies\jrubin@media[3].txt
c:\WINDOWS\Cookies\jrubin@link.vericlick[1].txt
c:\WINDOWS\Cookies\jrubin@media[1].txt
c:\WINDOWS\Cookies\jrubin@centralmedia[2].txt
c:\WINDOWS\Cookies\jrubin@www.burstbeacon[1].txt
c:\WINDOWS\Cookies\jrubin@directtrack[1].txt
c:\WINDOWS\Cookies\jrubin@offersquest.directtrack[2].txt
c:\WINDOWS\Cookies\jrubin@data4.perf.overture[2].txt
c:\WINDOWS\Cookies\jrubin@exitexchange[2].txt
c:\WINDOWS\Cookies\jrubin@centralmedia[1].txt
c:\WINDOWS\Cookies\jrubin@link.vericlick[2].txt
c:\WINDOWS\Cookies\jrubin@specificpop[2].txt
c:\WINDOWS\Cookies\jrubin@directtrack[2].txt
c:\WINDOWS\Cookies\jrubin@offersquest.directtrack[3].txt
c:\WINDOWS\Cookies\jrubin@metareward[3].txt
c:\WINDOWS\Cookies\jrubin@click.absoluteagency[3].txt
c:\WINDOWS\Cookies\jrubin@offeroptimizer[3].txt
c:\WINDOWS\Cookies\jrubin@click.theonion[2].txt
c:\WINDOWS\Cookies\jrubin@rightmedia[2].txt
c:\WINDOWS\Cookies\jrubin@adv.webmd[1].txt
c:\WINDOWS\Cookies\jrubin@banner[1].txt
c:\WINDOWS\Cookies\jrubin@www.burstbeacon[3].txt
c:\WINDOWS\Cookies\jrubin@www.ez-tracks[2].txt
c:\WINDOWS\Cookies\jrubin@ez-tracks[2].txt
c:\WINDOWS\Cookies\jrubin@hypertracker[1].txt
c:\WINDOWS\Cookies\jrubin@adknowledge[2].txt
c:\WINDOWS\Cookies\jrubin@CAY6FRU4.txt
c:\WINDOWS\Cookies\jrubin@eboz[1].txt
c:\WINDOWS\Cookies\jrubin@rightmedia[3].txt
c:\WINDOWS\Cookies\jrubin@atwola[4].txt
c:\WINDOWS\Cookies\jrubin@www.burstbeacon[4].txt
c:\WINDOWS\Cookies\jrubin@nextag[1].txt
c:\WINDOWS\Cookies\jrubin@eboz[3].txt
c:\WINDOWS\Cookies\jrubin@www.screensavers[2].txt
c:\WINDOWS\Cookies\jrubin@mediaplayer[2].txt
c:\WINDOWS\Cookies\jrubin@atwola[1].txt
c:\WINDOWS\Cookies\jrubin@ads.jackpot[2].txt
c:\WINDOWS\Cookies\jrubin@www.burstbeacon[2].txt
c:\WINDOWS\Cookies\jrubin@www.keepmedia[1].txt
c:\WINDOWS\Cookies\jrubin@www.ticketsnow[2].txt
c:\WINDOWS\Cookies\jrubin@dist.belnk[2].txt
c:\WINDOWS\Cookies\jrubin@adopt.specificclick[2].txt
c:\WINDOWS\Cookies\jrubin@rightmedia[1].txt
c:\WINDOWS\Cookies\jrubin@burstnet[2].txt
c:\WINDOWS\Cookies\jrubin@a.websponsors[2].txt
c:\WINDOWS\Cookies\jrubin@adknowledge[1].txt
c:\WINDOWS\Cookies\jrubin@superstats[2].txt
c:\WINDOWS\Cookies\jrubin@www.goclick[1].txt
c:\WINDOWS\Cookies\jrubin@hypertracker[2].txt
c:\WINDOWS\Cookies\jrubin@ez-tracks[1].txt
c:\WINDOWS\Cookies\jrubin@ww2.ez-tracks[1].txt
c:\WINDOWS\Cookies\jrubin@www.betacounter[1].txt
c:\WINDOWS\Cookies\jrubin@interclick[2].txt
c:\WINDOWS\Cookies\jrubin@bookfinder[1].txt
c:\WINDOWS\Cookies\jrubin@adprofile[1].txt
c:\WINDOWS\Cookies\jrubin@www.ticketsnow1[1].txt
c:\WINDOWS\Cookies\jrubin@ez-tracks[4].txt
c:\WINDOWS\Cookies\jrubin@www.ez-tracks[3].txt
c:\WINDOWS\Cookies\jrubin@travel.nextag[1].txt
c:\WINDOWS\Cookies\jrubin@azjmp[1].txt
c:\WINDOWS\Cookies\jrubin@nextag[3].txt
c:\WINDOWS\Cookies\jrubin@icc.intellisrv[2].txt
c:\WINDOWS\Cookies\jrubin@kanoodle[2].txt
c:\WINDOWS\Cookies\jrubin@atwola[5].txt
c:\WINDOWS\Cookies\jrubin@adopt.specificclick[1].txt
c:\WINDOWS\Cookies\jrubin@kanoodle[1].txt
c:\WINDOWS\Cookies\jrubin@nextag[2].txt
c:\WINDOWS\Cookies\jrubin@anat.tacoda[1].txt
c:\WINDOWS\Cookies\jrubin@anad.tacoda[2].txt
c:\WINDOWS\Cookies\jrubin@atwola[6].txt
c:\WINDOWS\Cookies\jrubin@richmedia.yahoo[1].txt
c:\WINDOWS\Cookies\jrubin@adopt.specificclick[4].txt
Adware.Spyware Labs
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\Q1E341QZ\VBOUNCEROUTER1402030731[3].EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\Z6W3RDGT\VBOUNCEROUTER1402030731[1].EXE
C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\QHS7UTEH\VBOUNCEROUTER1402030731[1].EXE
Trojan.NewDotNet
C:\WINDOWS\NDNUNINSTALL4_80.EXE
C:\WINDOWS\NDNUNINSTALL4_88.EXE
And here is a new HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:14:11 PM, on 12/29/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE -r
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (User 'Default user')
O4 - .DEFAULT Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: LimeShop Preferences - file://c:\Program Files\topMoxie\TEMP\limeshop_script.htm�
�
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O15 - Trusted Zone: *.corning-cc.edu
O16 - DPF: Yahoo! MLB StatTracker - http://aud8.sports.yahoo.com/java/y/mlbst8250_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/posb_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst3_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/game...ts/y/wt0_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {A221AC20-294F-11D5-890B-0090278F1040} (ygsm Class) - http://phone.yahoo.com/plugin/ygsmcom7.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct0_x.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL
--
End of file - 9472 bytes
And an uninstall list:
Adaptec DirectCD
Adaptec Easy CD Creator 4
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Photoshop 6.0
Adobe SVG Viewer
Adobe Type Manager 4.1
AOL Instant Messenger
Caesar 3
CoralEurobetPoker
Creative PlayCenter
Dell ResourceCD
Digital Camera Suite
Electronic Arts Game Updater
ESPNMotion
EverQuest
EverQuest: Planes of Power
EverQuest: Shadows of Luclin
EverQuest: SOV
Google Toolbar for Internet Explorer
HijackThis 2.0.2
HP DeskJet 830C Series (Remove only)
HyperLoad
IE Host
IntelliMP3 3.03 (remove only)
Internet Explorer Q903235
Internet Explorer Q916281
Japanese Language Support
Java 2 Runtime Environment Standard Edition v1.3.1_03
Kazaa Media Desktop 2.1.1
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash 4
Macromedia Flash Player 8
MaxSpeed
Memorex 6136 U Scanner Driver
MGI PhotoSuite 8.1 (Remove Only)
MGI PhotoSuite III SE (Remove Only)
MGI VideoWave III (Remove Only)
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Golf CD-ROM Version 2.0
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Windows Critical Update Notification
Morpheus Preview Edition
MSN Gaming Zone
Need For Speed II
Network Play System (Patching)
Norton Internet Security 2005 (Symantec Corporation)
NVIDIA Display Driver
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Outlook Express Q837009
PartyPoker
PharaohDemo
Poker Tracker Version 2.04.00
PokerPages Software
QuickTime
RealDownload
RealPlayer
RichFX Player
Shockwave
Sound Blaster Live! Value
SpyBlast
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
SUPERAntiSpyware Free Edition
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Windows 98 KB891711 Update
Windows 98 KB896358 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player 7.1
WinZip
Worms Armageddon
Yahoo! Messenger
Thanks so much as always.
-
from add/remove program remove:
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Reboot
1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.
Click on:
Kazaa Media Desktop 2.1.1
Click on Delete this entry
Reboot your computer.
Run hijackthis and click on "scan system only" button and put checks next to these:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
Everything closed out but hijackthis and click on "fix checked"
Delete this folder if still present:
Navigate to these files or folders using Windows Explorer (OR Start -> Search) and delete (if present):
DELETE FOLDERS
C:\PROGRAM FILES\VIEWPOINT
Reboot and come back and tell me how things are now please.
-
Alright, I did all that and then ran Norton again but the virus ATPartners.inf and something else called ATPartners.dll still came up and couldn't be fixed.
Here's a new hijack this log...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:55:38 PM, on 12/29/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\DIGSTREAM\DIGSTREAM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F1 - win.ini: run=hpfsched
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE -r
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - HKUS\.DEFAULT\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (User 'Default user')
O4 - .DEFAULT Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: LimeShop Preferences - file://c:\Program Files\topMoxie\TEMP\limeshop_script.htm�
�
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\SYSTEM\ms.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\PROGRA~1\PARTYP~1\IEEXTE~1.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O15 - Trusted Zone: *.corning-cc.edu
O16 - DPF: Yahoo! MLB StatTracker - http://aud8.sports.yahoo.com/java/y/mlbst8250_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/posb_x.cab
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/game.../y/mjst3_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/game...ts/y/wt0_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {A221AC20-294F-11D5-890B-0090278F1040} (ygsm Class) - http://phone.yahoo.com/plugin/ygsmcom7.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct0_x.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL
--
End of file - 8960 bytes
And an uninstall programs list:
Adaptec DirectCD
Adaptec Easy CD Creator 4
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Photoshop 6.0
Adobe SVG Viewer
Adobe Type Manager 4.1
AOL Instant Messenger
Caesar 3
CoralEurobetPoker
Creative PlayCenter
Dell ResourceCD
Digital Camera Suite
Electronic Arts Game Updater
ESPNMotion
EverQuest
EverQuest: Planes of Power
EverQuest: Shadows of Luclin
EverQuest: SOV
Google Toolbar for Internet Explorer
HijackThis 2.0.2
HP DeskJet 830C Series (Remove only)
HyperLoad
IE Host
IntelliMP3 3.03 (remove only)
Internet Explorer Q903235
Internet Explorer Q916281
Japanese Language Support
Java 2 Runtime Environment Standard Edition v1.3.1_03
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Macromedia Flash 4
Macromedia Flash Player 8
MaxSpeed
Memorex 6136 U Scanner Driver
MGI PhotoSuite 8.1 (Remove Only)
MGI PhotoSuite III SE (Remove Only)
MGI VideoWave III (Remove Only)
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Golf CD-ROM Version 2.0
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Windows Critical Update Notification
Morpheus Preview Edition
MSN Gaming Zone
Need For Speed II
Network Play System (Patching)
Norton Internet Security 2005 (Symantec Corporation)
NVIDIA Display Driver
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Outlook Express Q837009
PartyPoker
PharaohDemo
Poker Tracker Version 2.04.00
PokerPages Software
QuickTime
RealDownload
RealPlayer
RichFX Player
Shockwave
Sound Blaster Live! Value
SpyBlast
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
SUPERAntiSpyware Free Edition
Windows 98 KB891711 Update
Windows 98 KB896358 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player 7.1
WinZip
Worms Armageddon
Yahoo! Messenger
-
I need the full file path may be this:
C:\WINDOWS\downloaded program files\ATPartners.inf
C:\WINDOWS\downloaded program files\ATPartners.dll
Last edited by Neal; 30-12-2007 at 08:33 PM.
Junior Member
