Can someone please analysise my hijack(RESOLVED)
-
Can someone please analysise my hijack(RESOLVED)
The internet on my laptop keeps cutting off, but its not the internet connection cause I have 2 other computers working fine./ Seems like after about 6-10 minutes after a reboot it cuts off, and has to be restarted.
Here is the log, if anyone can help it would be so good. Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:28:46 PM, on 7/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Internet Lock\ILSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\DOCUME~1\MANOGUE\LOCALS~1\Temp\McDMTemp007\Dwnl dMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com.au - Welcome to AOL Australia
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\RunOnce: [McWebDownlMgr] C:\DOCUME~1\MANOGUE\LOCALS~1\Temp\McDMTemp007\Dwnl dMgr.exe /runkey
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Laura%20Jones%20and%20the%20Gates%20of%20Good%20an d%20Evil/Images/stg_drm.ocx
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by137fd.bay137.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Agatha%20Christie%20-%20Peril%20at%20End%20House/Images/armhelper.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Internet Lock Service (INETLOCKSVC) - TopLang Software - C:\Program Files\Internet Lock\ILSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 13364 bytes
-
Welcome,
You are strongly advised to uninstall P2PNetworking(It is adware) from add/remove program,reboot after.
* Please download Malwarebytes' Anti-Malware from HERE or HERE
Double Click mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and zLaunch Malwarebytes Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
And...
Update Java: Security Issue
* Go to Start > Control Panel double-click on the Software icon > add/remove programs.
* Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
It should have next icon next to it: 
Select it and click Remove.
* The current version can be downloaded from Sun here: Java SE Downloads Scroll down the page to 'Java Runtime Environment (JRE) 6u7 and press the 'Download' button. On the new web page, click the 'Accept License Agreement' button. Then select 'Windows Offline Installation, Multi-language' in the Windows Platform area just below the Accept button.
Please post MBAM log and new hijackthis log and uninstall list and thanks.
Last edited by Neal; 23-07-2008 at 09:42 PM.
-
Thanks so much for the help. Ran mbam and cleared 400 problems. Uninstalled old java, and tried to install new but still having problem. Here is the mbam log plus new hijack log. What is the uninstall log? Thanks again for assistance.
Malwarebytes' Anti-Malware 1.23
Database version: 985
Windows 5.1.2600 Service Pack 2
9:57:10 PM 7/24/2008
mbam-log-7-24-2008 (21-57-09).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 137807
Time elapsed: 1 hour(s), 21 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 23
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 12
Files Infected: 442
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\fis.amo (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fis.amo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5015bf9d-173c-474b-9af3-77d4d23a4135} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fis.ohb (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fis.ohb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5ed7d3de-6dbe-4516-8712-01b1b64b7057} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{85e0b171-04fa-11d1-b7da-00a0c90348a7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{85e0b171-04fa-11d1-b7da-00a0c90348d7} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fis.momo (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fis.momo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{92c3f342-45da-4511-853a-b3836aaff5f5} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1037b06c-84b7-4240-8d80-485810a0497d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{54b287f9-fd90-4457-b65e-cb91560c021d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy.1 (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8a0dcbda-6e20-489c-9041-c1e8a0352e75} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\{8a0dcbda-6e20-489c-9041-c1e8a0352e75} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\upmedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\p2p networking (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Adobe\Acrobat 6.0\Reader\PDF417Encoder.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Agatha Christie - Peril at End House\endhouse.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Laura Jones and the Gates of Good and Evil\Detective.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D6AFCA6-C76E-4DBB-8D3E-7F57086A04B5}\RP170\A0053515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UpMedia\uninstallSE.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\MANOGUE\Local Settings\Temp\Nikon\MessageCenter\mca_setup_10.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\countries.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\msvcp71.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\msvcr71.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\shfolder.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\zlib1.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_extra.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\panel_top_messages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tab_ladder.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\cache\8000\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_extra.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\panel_top_messages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tab_ladder.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Paradise Poker\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:09 PM, on 7/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Internet Lock\ILSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com.au - Welcome to AOL Australia
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Laura%20Jones%20and%20the%20Gates%20of%20Good%20an d%20Evil/Images/stg_drm.ocx
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by137fd.bay137.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Agatha%20Christie%20-%20Peril%20at%20End%20House/Images/armhelper.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Internet Lock Service (INETLOCKSVC) - TopLang Software - C:\Program Files\Internet Lock\ILSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 12657 bytes
-
Run hijackthis and click on "scan system only" button and put checks next to these:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O15 - Trusted Zone: Mirar (HKLM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Laura%20Jones%20and%20the%20Gates%20of%20Good%20an d%20Evil/Images/stg_drm.ocx
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Agatha%20Christie%20-%20Peril%20at%20End%20House/Images/armhelper.ocx
Please close ALL browser windows (including this one).
Everything closed out but hijackthis and click on "fix checked"
Reboot your PC
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply, plus a new hijackthis log and feed back on what is going on now please.
It appears you are running two anti-virus programs and suggest you uninstall one of them.
-
Thanks, did everything, but internet still same problem. Here is uninstall list plus new hijack log. I was trying to put mcafee antivirus on but had to cancel half way through download causer it cuts off. This might be the 2nd antvirus besides avast.
3D World Atlas
A Series of Unfortunate Events
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Reader 6.0.1
Agatha Christie - Peril at End House
Alien Shooter
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
avast! Antivirus
Ballistik
Bejeweled 2
Bejeweled 2 Deluxe
BeTrapped!
Big City Adventure - Sydney, Australia
Bonjour
Bookworm Deluxe
Bricks of Egypt
Chainz
Children's Encyclopedia
Chuzzle
Commando
Conexant HD Audio
Creative WebCam Center
Creative WebCam Live! Driver (1.00.06.0414)
Creative WebCam Live! User's Guide (English)
Cubis Gold 2
Customer Experience Enhancement
Disc2Phone
Eyewitness Encyclopedia of Nature 2.1
Eyewitness History of the World 2.1
Feeding Frenzy
Google Earth
Google Toolbar for Internet Explorer
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912436)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915326)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB929120)
HP Help and Support
HP Imaging Device Functions 6.0
HP Integrated Module with Bluetooth wireless technology
HP Pavilion Webcam Demo
HP Pavilion Webcam Tray Icon
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.00 G2
HP QuickPlay 2.1
HP Software Update
HP User Guides 0027
HP Wireless Assistant 2.00 E1
Insaniquarium Deluxe
Inspector-Parker
Intel(R) PRO Network Connections Drivers
Internet Lock 5.1
iTunes
Jewel Quest
Jigsaw 365
Laura Jones and the Gates of Good and Evil
LimeWire 4.16.6
Links® Course Challenge – Chateau Whistler
Luxor
Macromedia Flash Player 8
Magic Ball 2
Magic Inlay
Mah Jong Medley
Mah Jong Quest
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft Office 2000 Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
muvee autoProducer 4.5
Nikon Message Center
Nokia Connectivity Cable Driver
Nokia PC Connectivity Solution
Nokia PC Suite
NVIDIA Drivers
Paradise Poker
PartyPoker
Picasa 2
PictureProject
Poker Superstars
QuickTime
Ricochet Lost Worlds
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Shape Solitaire
Siemens Subscriber Networks SpeedStream DSL
Slingo
SmartAudio
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
Sony Ericsson PC Suite
Spin & Win
Symantec KB-DocID:2003093015493306
Synaptics Pointing Device Driver
The New Way Things Work
Tradewinds 2
Tumblebugs
Ultimate Human Body 2
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Windows Driver Package - Nokia Modem (07/24/2006 6.81.0.23)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888402
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Wonderland - Secret Worlds
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
ZoneAlarm
ZoneAlarm Spy Blocker
Zuma Deluxe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:45 AM, on 7/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Internet Lock\ILSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = AOL.com.au - Welcome to AOL Australia
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Pavilion Webcam Tray Icon.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://desktop.optusnet.com.au/dsl/favorites/homepage
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by137fd.bay137.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Internet Lock Service (INETLOCKSVC) - TopLang Software - C:\Program Files\Internet Lock\ILSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 11833 bytes
-
I should add also that msn messenger still works, even though internet explorer, plus any downloads that are downloading stop a short time after rebooting.
-
I would run the symantec uninstaller, still some components left on your PC:
Download and run the Norton Removal Tool
I would also turn off zone alarm firewall and spyblocker, turn on windows firewall for the time being and see if that makes a difference.
Have you installed any microsoft updates close to the time of the problem.
Let me know, thanks.
-
Thanks Neal. Seems like it is working now. I did the norton uninstall, and removed the zonealarm firewall, and it has been working since then. Installing mcafee antivirus now and putting java on and havn't had an internet cutout. Seems like zonealarm had something to do with it, but who knows. Thanks for assistance.
-
Great news, I've seen zone alarm cause that problem before.
If you are no longer having any more trouble here is some preventative measures for you.
Be sure to re-hide hidden files/folders if you were asked to unhide them
Here are some preventive measures you can take to keep your computer from getting infected again. Also keep SpybotS&D updated.
Read This First - IMPORTANT Instructions
Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.
Explained Here:
Windows XP: McAfee Threat Center
Explained Here
Microsoft ME:
Disabling or enabling Windows Me System Restore
Please download ATF Cleaner by Atribune to desktop.
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Double-click ATF-Cleaner.exe to run the program, to clean junk files off your PC.
If you would like to keep your cookies don't check that item
* Under Main "Select Files to Delete" choose: Select All.
* Click the Empty Selected button.
* If you use Firefox browser click Firefox at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
* If you use Opera browser click Opera at the top and choose: Select All
* Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us
http://www.microsoft.com/windows/ie/default.asp
2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including Avira and Avast and PCTools.
AVIRA: http://www.free-av.com/]Avira
AVAST: FREE avast! antivirus 4.x Home Edition, anti-spyware & anti-rootkit for Windows
PCTOOLS: PC Tools AntiVirus - Free Anti-Virus Download
3. In addtion to using SpyBot S&D consider using another free malware scanning/removal program:
Windows Defender: Windows Defender: Home Page
4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio: Free Firewall Download ? Personal Firewall Protection from Sunbelt Kerio
Comodo:Comodo Free Firewall Software Download
5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
Mozilla Firefox: www.mozilla.org/products/firefox/
6. Consider increasing your browser security by using Spyware Blaster:
SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:
SpywareBlaster
If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: CJB.NET
IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm
Block access to Untrustworthy Sites
You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.
*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free
Newbie
