cid pop-up problem(RESOLVED)

  1. 27-02-2008  #1
    Corsary
    Corsary is offline Newbie

    cid pop-up problem(RESOLVED)

    Hi! I've been browsing around to see if I could solve this but.. no!

    Here are my hijackthis log, the nolop log and the unistall list!

    Hope you can help!

    Logfile of HijackThis v1.99.1
    Scan saved at 17:17:13, on 27-02-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programas\Symantec AntiVirus\DefWatch.exe
    C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
    C:\Programas\Maxtor\Sync\SyncServices.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programas\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Programas\Apoint2K\Apoint.exe
    C:\Programas\Java\jre1.6.0_03\bin\jusched.exe
    C:\Programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Programas\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programas\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
    C:\Programas\HPQ\SHARED\HPQWMI.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Programas\Symantec AntiVirus\DoScan.exe
    C:\Documents and Settings\Verinha!\Ambiente de trabalho\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit .exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\2.0.301. 7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Programas\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Programas\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.6.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Programas\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] C:\Programas\Lexmark X1100 Series\lxbkbmgr.exe
    O4 - HKLM\..\Run: [ScreenPrint32] C:\Programas\ScreenPrint32 v3\ScreenPrint32.exe -startup
    O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programas\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programas\Ficheiros comuns\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programas\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programas\HPQ\SHARED\HPQWMI.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Programas\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Programas\Maxtor\Sync\SyncServices.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programas\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programas\Symantec AntiVirus\Rtvscan.exe





    NoLop! Log by Skate_Punk_21

    Fix running from: C:\Documents and Settings\Verinha!\Ambiente de trabalho
    [27-02-2008]
    [16:59:59]

    ---Infection Files Found/Removed---
    C:\WINDOWS\tasks\AB473CE8906CB398.job

    Beginning Removal...
    Rebooting...
    Removing Lop's Leftover Files/Folders...
    Editing Registry...
    **Fix Complete!**

    ---Listing AppData sub directories---

    C:\Documents and Settings\Administrador\Application Data\Apple Computer
    C:\Documents and Settings\Administrador\Application Data\Identities
    C:\Documents and Settings\Administrador\Application Data\Microsoft
    C:\Documents and Settings\Administrador\Application Data\Symantec -- EMPTY Directory
    C:\Documents and Settings\All Users\Application Data\Adobe
    C:\Documents and Settings\All Users\Application Data\Adobe Systems
    C:\Documents and Settings\All Users\Application Data\Apple Computer
    C:\Documents and Settings\All Users\Application Data\Autodesk
    C:\Documents and Settings\All Users\Application Data\Enternhelp
    C:\Documents and Settings\All Users\Application Data\External Build System
    C:\Documents and Settings\All Users\Application Data\File Joy Proc Deaf
    C:\Documents and Settings\All Users\Application Data\Google
    C:\Documents and Settings\All Users\Application Data\Hp
    C:\Documents and Settings\All Users\Application Data\Hpqwmi
    C:\Documents and Settings\All Users\Application Data\Installshield
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    C:\Documents and Settings\All Users\Application Data\Lavasoft
    C:\Documents and Settings\All Users\Application Data\Maxtor
    C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    C:\Documents and Settings\All Users\Application Data\Microsoft
    C:\Documents and Settings\All Users\Application Data\Muvee Technologies
    C:\Documents and Settings\All Users\Application Data\Nikon
    C:\Documents and Settings\All Users\Application Data\Quicktime
    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    C:\Documents and Settings\All Users\Application Data\Symantec
    C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
    C:\Documents and Settings\All Users\Application Data\Ultima_t15
    C:\Documents and Settings\All Users\Application Data\Vertustech
    C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    C:\Documents and Settings\Default User\Application Data\Apple Computer
    C:\Documents and Settings\Default User\Application Data\Identities
    C:\Documents and Settings\Default User\Application Data\Microsoft
    C:\Documents and Settings\Default User\Application Data\Symantec -- EMPTY Directory
    C:\Documents and Settings\Flipz!\Application Data\Adobe
    C:\Documents and Settings\Flipz!\Application Data\Adobeum -- EMPTY Directory
    C:\Documents and Settings\Flipz!\Application Data\Apple Computer
    C:\Documents and Settings\Flipz!\Application Data\Creative
    C:\Documents and Settings\Flipz!\Application Data\Google
    C:\Documents and Settings\Flipz!\Application Data\Hp
    C:\Documents and Settings\Flipz!\Application Data\Identities
    C:\Documents and Settings\Flipz!\Application Data\Leadertech
    C:\Documents and Settings\Flipz!\Application Data\Macromedia
    C:\Documents and Settings\Flipz!\Application Data\Microsoft
    C:\Documents and Settings\Flipz!\Application Data\Sonic
    C:\Documents and Settings\Flipz!\Application Data\Sun
    C:\Documents and Settings\Flipz!\Application Data\Symantec
    C:\Documents and Settings\Localservice\Application Data\Microsoft
    C:\Documents and Settings\Networkservice\Application Data\Microsoft
    C:\Documents and Settings\Networkservice\Application Data\Symantec
    C:\Documents and Settings\Verinha!\Application Data\Adobe
    C:\Documents and Settings\Verinha!\Application Data\Adobeum -- EMPTY Directory
    C:\Documents and Settings\Verinha!\Application Data\Apple Computer
    C:\Documents and Settings\Verinha!\Application Data\Autodesk
    C:\Documents and Settings\Verinha!\Application Data\Bits Bat Link
    C:\Documents and Settings\Verinha!\Application Data\Coffeecup Software
    C:\Documents and Settings\Verinha!\Application Data\Google
    C:\Documents and Settings\Verinha!\Application Data\Help -- EMPTY Directory
    C:\Documents and Settings\Verinha!\Application Data\Hp
    C:\Documents and Settings\Verinha!\Application Data\Identities
    C:\Documents and Settings\Verinha!\Application Data\Intervideo
    C:\Documents and Settings\Verinha!\Application Data\Leadertech
    C:\Documents and Settings\Verinha!\Application Data\Macromedia
    C:\Documents and Settings\Verinha!\Application Data\Microsoft
    C:\Documents and Settings\Verinha!\Application Data\Mozilla
    C:\Documents and Settings\Verinha!\Application Data\Muvee Technologies
    C:\Documents and Settings\Verinha!\Application Data\Nikon
    C:\Documents and Settings\Verinha!\Application Data\Secondlife
    C:\Documents and Settings\Verinha!\Application Data\Skype
    C:\Documents and Settings\Verinha!\Application Data\Sonic
    C:\Documents and Settings\Verinha!\Application Data\Sun
    C:\Documents and Settings\Verinha!\Application Data\Symantec
    C:\Documents and Settings\Verinha!\Application Data\Systweak
    C:\Documents and Settings\Verinha!\Application Data\Template
    C:\Documents and Settings\Verinha!\Application Data\U3
    C:\Documents and Settings\Verinha!\Application Data\Utorrent
    C:\Documents and Settings\Verinha!\Application Data\Vso




    ABBYY FineReader 5.0 Sprint
    Actualização de Segurança para o Windows Media Player (KB911564)
    Actualização de Segurança para o Windows Media Player 10 (KB911565)
    Actualização de Segurança para o Windows Media Player 10 (KB917734)
    Actualização de Segurança para o Windows Media Player 10 (KB936782)
    Actualização de Segurança para o Windows Media Player 6.4 (KB925398)
    Actualização de segurança para Windows Internet Explorer 7 (KB928090)
    Actualização de segurança para Windows Internet Explorer 7 (KB931768)
    Actualização de segurança para Windows Internet Explorer 7 (KB933566)
    Actualização de segurança para Windows Internet Explorer 7 (KB937143)
    Actualização de segurança para Windows Internet Explorer 7 (KB938127)
    Actualização de segurança para Windows Internet Explorer 7 (KB939653)
    Actualização de segurança para Windows Internet Explorer 7 (KB942615)
    Actualização de segurança para Windows Internet Explorer 7 (KB944533)
    Actualização de segurança para Windows XP (KB890046)
    Actualização de segurança para Windows XP (KB893066)
    Actualização de segurança para Windows XP (KB893756)
    Actualização de segurança para Windows XP (KB896358)
    Actualização de segurança para Windows XP (KB896422)
    Actualização de segurança para Windows XP (KB896423)
    Actualização de segurança para Windows XP (KB896424)
    Actualização de segurança para Windows XP (KB896428)
    Actualização de segurança para Windows XP (KB899587)
    Actualização de segurança para Windows XP (KB899591)
    Actualização de segurança para Windows XP (KB900725)
    Actualização de segurança para Windows XP (KB901017)
    Actualização de segurança para Windows XP (KB901190)
    Actualização de segurança para Windows XP (KB901214)
    Actualização de segurança para Windows XP (KB902400)
    Actualização de segurança para Windows XP (KB904706)
    Actualização de segurança para Windows XP (KB905414)
    Actualização de segurança para Windows XP (KB905749)
    Actualização de segurança para Windows XP (KB905915)
    Actualização de segurança para Windows XP (KB908519)
    Actualização de segurança para Windows XP (KB908531)
    Actualização de segurança para Windows XP (KB911280)
    Actualização de segurança para Windows XP (KB911562)
    Actualização de segurança para Windows XP (KB911567)
    Actualização de segurança para Windows XP (KB911927)
    Actualização de segurança para Windows XP (KB912812)
    Actualização de segurança para Windows XP (KB912919)
    Actualização de segurança para Windows XP (KB913446)
    Actualização de segurança para Windows XP (KB913580)
    Actualização de segurança para Windows XP (KB914388)
    Actualização de segurança para Windows XP (KB914389)
    Actualização de segurança para Windows XP (KB916281)
    Actualização de segurança para Windows XP (KB917159)
    Actualização de segurança para Windows XP (KB917344)
    Actualização de segurança para Windows XP (KB917422)
    Actualização de segurança para Windows XP (KB917953)
    Actualização de segurança para Windows XP (KB918118)
    Actualização de segurança para Windows XP (KB918439)
    Actualização de segurança para Windows XP (KB918899)
    Actualização de segurança para Windows XP (KB919007)
    Actualização de segurança para Windows XP (KB920213)
    Actualização de segurança para Windows XP (KB920214)
    Actualização de segurança para Windows XP (KB920670)
    Actualização de segurança para Windows XP (KB920683)
    Actualização de segurança para Windows XP (KB920685)
    Actualização de segurança para Windows XP (KB921398)
    Actualização de segurança para Windows XP (KB921503)
    Actualização de segurança para Windows XP (KB921883)
    Actualização de segurança para Windows XP (KB922616)
    Actualização de segurança para Windows XP (KB922760)
    Actualização de segurança para Windows XP (KB922819)
    Actualização de segurança para Windows XP (KB923191)
    Actualização de segurança para Windows XP (KB923414)
    Actualização de Segurança para Windows XP (KB923689)
    Actualização de segurança para Windows XP (KB923694)
    Actualização de segurança para Windows XP (KB923980)
    Actualização de segurança para Windows XP (KB924191)
    Actualização de segurança para Windows XP (KB924270)
    Actualização de segurança para Windows XP (KB924496)
    Actualização de segurança para Windows XP (KB924667)
    Actualização de segurança para Windows XP (KB925454)
    Actualização de segurança para Windows XP (KB925486)
    Actualização de segurança para Windows XP (KB925902)
    Actualização de segurança para Windows XP (KB926255)
    Actualização de segurança para Windows XP (KB926436)
    Actualização de segurança para Windows XP (KB927779)
    Actualização de segurança para Windows XP (KB927802)
    Actualização de segurança para Windows XP (KB928255)
    Actualização de segurança para Windows XP (KB928843)
    Actualização de segurança para Windows XP (KB929123)
    Actualização de segurança para Windows XP (KB930178)
    Actualização de segurança para Windows XP (KB931261)
    Actualização de segurança para Windows XP (KB931784)
    Actualização de segurança para Windows XP (KB932168)
    Actualização de segurança para Windows XP (KB933729)
    Actualização de segurança para Windows XP (KB935839)
    Actualização de segurança para Windows XP (KB935840)
    Actualização de segurança para Windows XP (KB936021)
    Actualização de segurança para Windows XP (KB938829)
    Actualização de segurança para Windows XP (KB941202)
    Actualização de segurança para Windows XP (KB941568)
    Actualização de Segurança para Windows XP (KB941569)
    Actualização de segurança para Windows XP (KB941644)
    Actualização de segurança para Windows XP (KB943055)
    Actualização de segurança para Windows XP (KB943460)
    Actualização de segurança para Windows XP (KB943485)
    Actualização de segurança para Windows XP (KB944653)
    Actualização de segurança para Windows XP (KB946026)
    Actualização para Windows XP (KB894391)
    Actualização para Windows XP (KB898461)
    Actualização para Windows XP (KB900485)
    Actualização para Windows XP (KB904942)
    Actualização para Windows XP (KB910437)
    Actualização para Windows XP (KB916595)
    Actualização para Windows XP (KB920872)
    Actualização para Windows XP (KB922582)
    Actualização para Windows XP (KB927891)
    Actualização para Windows XP (KB929338)
    Actualização para Windows XP (KB930916)
    Actualização para Windows XP (KB931836)
    Actualização para Windows XP (KB933360)
    Actualização para Windows XP (KB936357)
    Actualização para Windows XP (KB938828)
    Actualização para Windows XP (KB942763)
    Ad-Aware 2007
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Acrobat and Reader 6.0.3 Update
    Adobe Acrobat and Reader 6.0.4 Update
    Adobe Acrobat and Reader 6.0.5 Update
    Adobe Acrobat and Reader 6.0.6 Update
    Adobe Bridge 1.0
    Adobe Common File Installer
    Adobe Flash Player ActiveX
    Adobe Help Center 1.0
    Adobe Photoshop CS2
    Adobe Reader 6.0.1 - Português
    Adobe Stock Photos 1.0
    Advanced System Optimizer
    Agere Systems AC'97 Modem
    ALPS Touch Pad Driver
    Apple Software Update
    ArcSoft Panorama Maker 3
    ATI - Utilitário de desinstalação de software
    ATI Control Panel
    ATI Display Driver
    AutoCAD 2007 - English
    Autodesk DWF Viewer
    Autodesk Revit Building 8
    CCleaner (remove only)
    Compatibility Pack for the 2007 Office system
    Creative Mass Storage Drivers
    Creative System Information
    eMule
    Google Earth
    Google SketchUp
    Google SketchUp 6
    Google SketchUp 6
    Google Toolbar for Internet Explorer
    HijackThis 1.99.1
    Hotfix for Windows XP (KB915865)
    Hotfix para Windows XP (KB914440)
    HP Customer Participation Program 7.0
    HP Designjet 110plus series
    HP Help and Support
    HP Imaging Device Functions 7.0
    HP Manutenção de sistema para a HP Designjet 110plus
    HP Photosmart and Deskjet 7.0 Software (ptb)
    HP Photosmart Essential
    HP Software Update
    HP Software Update
    HP Solution Center 7.0
    HP Wireless Assistant 1.01 B2
    HP_User_Guides_0005
    InterVideo WinDVD
    iTunes
    J2SE Runtime Environment 5.0 Update 4
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    Kaspersky Online Scanner
    Lexmark X1100 Series
    LiveUpdate 3.1 (Symantec Corporation)
    Maxtor Manager
    Maxtor Manager
    Messenger Plus! 3
    Messenger Plus! Live & Sponsor (CiD)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 1.1 Portuguese Language Pack
    Microsoft .NET Framework 2.0
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft Works
    Motorola SM56 Speakerphone Modem
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6.0 Parser (KB933579)
    Nikon FotoShare
    Nikon Message Center
    Panda ActiveScan
    PictureProject
    Quick Launch Buttons 5.10 B5
    QuickTime
    Recover My Files
    ScreenPrint32 v3.5
    SecondLife (remove only)
    Security Update para Microsoft .NET Framework 2.0 (KB928365)
    Skype 2.5
    Software para Impressoras EPSON
    Sonic Audio Module
    Sonic Copy Module
    Sonic Data Module
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic Update Manager
    SoundMAX
    Spybot - Search & Destroy
    Symantec AntiVirus
    TerraExplorer
    The Sims 2
    TRUST 120 SPACEC@M
    Vertus Fluid Mask 3 3.0.4
    Vodafone Internet Connect Box
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB884575
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885464
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885855
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888239
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB892559
    WinRAR archiver
    WinZip

    Thanks in advance!!

    Ricardo.

  3. 27-02-2008  #2
    Neal
    Neal is offline Dedicated Member
    Remove this from add/remove program, that is what got you infected in the first place:

    Messenger Plus! Live & Sponsor (CiD)


    follow any prompts and reboot afterwards



    Delete folder if present below in BOLD


    C:\Documents and Settings\All Users\Application Data\File Joy Proc Deaf

    Reboot


    How are things now?
  4. 28-02-2008  #3
    Corsary
    Corsary is offline Newbie
    Thanks! All done!!!
  5. 28-02-2008  #4
    Neal
    Neal is offline Dedicated Member
    Save 20% on AVG Internet Security 2012 Suite!
    If you are no longer having any more trouble here is some preventative measures for you.

    Be sure to re-hide hidden files/folders if you were asked to unhide them

    Here are some preventive measures you can take to keep your computer from getting infected again. also keep all these and Ad-awareSE and SpybotS&D updated.

    http://www.d-a-l.com/help/showthread.php?t=32403

    Flush your restore points in ME and XP, by turning System Restore off and then back on.
    This will create a fresh restore point.

    Explained Here:
    Windows XP: http://vil.nai.com/vil/SystemHelpDoc...ysRestore.aspx

    Explained Here
    Microsoft ME:
    http://service1.symantec.com/SUPPORT...rc=sec_doc_nam



    Please download ATF Cleaner by Atribune to desktop.
    http://www.atribune.org/public-beta/ATF-Cleaner.exe

    Double-click ATF-Cleaner.exe to run the program, to clean junk files off your PC.

    If you would like to keep your cookies don't check that item

    * Under Main "Select Files to Delete" choose: Select All.
    * Click the Empty Selected button.
    * If you use Firefox browser click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    * If you use Opera browser click Opera at the top and choose: Select All
    * Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main menu to close the program.





    RegProtect

    This small registry protection tool will save you hours of heartache by notifying you when some program good or bad is trying to access your registry.

    You have the option of allowing(good) items or blocking(bad)items.

    http://www.diamondcs.com.au/index.php?page=regprot


    To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:

    1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
    http://v5.windowsupdate.microsoft.co....aspx?ln=en-us

    http://www.microsoft.com/windows/ie/default.asp


    2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including AVG and Avast!.
    AVG: http://free.grisoft.com/doc/1

    Avast: http://www.avast.com/eng/avast_4_home.html


    3. In addtion to using Ad-aware consider using another free malware scanning/removal program:
    Windows Defender

    http://www.microsoft.com/athome/secu...e/default.mspx


    4. Consider using a free firewall if you are not already using one. Some good free ones are:
    Kerio

    Sunbelt

    Comodo Personal Firewall:

    Comodo





    5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
    Mozilla Firefox: www.mozilla.org/products/firefox/


    6. Consider increasing your browser security by using these programs:
    SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html
    SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:

    http://www.javacoolsoftware.com/spywareblaster.html


    If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/


    IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
    https://netfiles.uiuc.edu/ehowes/www/resource.htm


    Block access to Untrustworthy Sites

    You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.



    *Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free


    And also see TonyKlein's good advice
    So how did I get infected in the first place? (My Favorite)
+ Reply to Thread
« DellGAM Virus? | HELPPPPP windows update »