Slower internet - possible spyware? What may it be?

Posted 7/31/2007 8:58 PM
#51274

deiv Member

Date Joined Nov 2016
Total Posts: 3
Logfile of HijackThis v1.99.1
Scan saved at 23:49:15, on 31/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Babylon\Babylon.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\explorer.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
c:\hijakthis\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.one.co.il/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: הורד באמצעות פלאש-גט - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: הורד הכל באמצעות פלאש-גט - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {53AF6E02-F18F-4228-AC13-3E79773FBE50} (CMCBooter Object) - http://download.mysee.com/plugin/booter.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{70041060-A033-4462-8FFE-EE5735664DA0}: NameServer = 192.116.202.222 213.8.172.83
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

 + Created at: 01:29:10 31/07/2007

 + Scan result:

C:\Documents and Settings\Moshe\Local Settings\Temp\Temporary Internet Files\Content.IE5\0HCVWVGZ\zpopup[2].cgi -> Not-A-Virus.Exploit.HTML.UrlSpoof.a : Cleaned.
::Report end

ComboFix 07-07-30.2 - "Tal" 07/31/2007 23:32:28.1 [GMT 3:00] - NTFS
Microsoft Windows XP Professional 5.1.2600.2.1255.1.1033.18.True
 * Created a new restore point

 ADS removed - svchost.exe: deleted 68 bytes in 1 streams.

((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-31 )))))))))))))))))))))))))))))))

No new files created in this timespan

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

07/31/2007 07:36 PM --------- d-------- C:\Program Files\FlashGet
07/28/2007 03:51 PM --------- d-------- C:\Program Files\eMule
07/27/2007 05:40 PM --------- d-------- C:\Program Files\Symantec AntiVirus
07/21/2007 09:55 AM --------- d-------- C:\Program Files\Combined Community Codec Pack
07/21/2007 01:21 AM --------- d-------- C:\Program Files\mIRC
07/13/2007 03:50 PM --------- d-------- C:\DOCUME~1\Tal\APPLIC~1\dvdcss
07/11/2007 08:51 PM --------- d-------- C:\Program Files\DAP
06/17/2007 12:11 AM 51200 --a------ C:\WINDOWS\nircmd.exe
05/28/2007 05:52 PM --------- d-------- C:\DOCUME~1\Tal\APPLIC~1\Skype
05/16/2007 06:12 PM 683520 --a------ C:\WINDOWS\system32\inetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [04/08/2005 04:52 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [04/17/2005 01:30 PM]
"Logitech Utility"="Logi_MwX.Exe" [12/17/2003 10:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [02/24/2006 02:19 PM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [12/10/2005 05:57 PM]
"nwiz"="nwiz.exe" [03/09/2006 04:29 PM C:\WINDOWS\system32\nwiz.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [07/06/2007 10:10 PM]
"Babylon Client"="C:\Program Files\Babylon\Babylon.exe" [07/29/2004 04:04 PM]
"SigmatelSysTrayApp"="sttray.exe" []
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [08/22/2005 03:19 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 07:24 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/07/2007 08:34 AM]

C:\Documents and Settings\Tal\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50]

R2 atksgt;atksgt;C:\WINDOWS\system32\DRIVERS\atksgt.sys
R2 lirsgt;lirsgt;C:\WINDOWS\system32\DRIVERS\lirsgt.sys
R3 dtscsi;dtscsi;C:\WINDOWS\system32\Drivers\dtscsi.sys
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver;C:\WINDOWS\system32\DRIVERS\e1e5132.sys
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA;C:\WINDOWS\system32\drivers\sfng32.sys
R3 STHDA;SigmaTel High Definition Audio CODEC;C:\WINDOWS\system32\drivers\sthda.sys
S2 Mysee2_Runtime;Mysee2_Runtime;C:\WINDOWS\System32\svchost.exe -k mysee2
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
S3 TSP;TSP;\??\C:\WINDOWS\system32\drivers\klif.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
mysee2 Mysee2_Runtime

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-31 23:35:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths]
"\xf88d\5\x5f1\5\x5d0\5\x5f0\5"="C:\Documents and Settings\\x5d9\x5d5\x5e0\x5d4\My Documents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000023f
"TracesSuccessful"=dword:00000220

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 07/31/2007 23:36:45

 --- E O F ---

********************************* ROOTCHK-(21-07-07)-LOG, by ejvindh
Tue 07/31/2007 18:48:57.75

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-31 18:48:58
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths]
"\xf88d\5\x5f1\5\x5d0\5\x5f0\5"="C:\Documents and Settings\\x5d9\x5d5\x5e0\x5d4\My Documents"

scanning hidden files ...

hidden processes: 0
hidden files: 0
Posted 8/1/2007 4:42 AM
#51279

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello deiv :smile:

It looks clean to me.

How are things running now?

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 8/1/2007 8:51 AM
#51297

deiv Member

Date Joined Nov 2016
Total Posts: 3
Well I don't know honestly... Sometimes it runs fine but sometimes the internet and download speed is very slow, and it might even get stuck while downloading..
I've contacted my ISP and they told me to do start > run > then some program which shows the active connections (all of my browser windows were closed), and there was more than 1 active connection.
They said that it's probably spyware or something like that, and that's probably the reason why my download speed is less than normal sometimes (I usually download at 200kb/s).
If you say it all looks clean then I'll just give it another try and see if it goes smooth.. Perhaps all of the cleaning actions did help and everything is ok now...

Is there anything I can do, or some way to test that everything is ok?
Posted 8/2/2007 6:36 AM
#51356

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Run the below scan tools - just to be sure.

Please download the free trial of Superantispyware:
http://www.superantispyware.com/superantispywarefreevspro.html

Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it.)
Close the program.

Download and install DrWebCureit:
http://spywareinfo.dk/download/drweb-cureit.exe
to your desktop.

Please print out or copy this page to Notepad as you will be in Safe Mode and unable to refer to this page.

Reboot to Safe mode

Doubleclick the "drweb-cureit.exe" and click "ok" in the prompt window that will open, asking "start the express scan now".
It will first make a quick scan of your system, let it clean what it finds, and when it says "done"
Click on the green screwdriver -
Actions Tab - Adware-Dialers-Riskware-Hacktools, use dropdown menu and select - Delete
Click on the drive(s) you want to scan. A red dot will mark the selected drive(s). Then hit the green arrow in lower right corner. It will now scan your drive(s), say yes to all

After the scan, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.

Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

Start Superantispyware/rightclick on the black/yellow bug in tray.
Hit - Scan Your Computer - button
Click on the drive(s) you want to scan. Put a check in - Perform Complete Scan, then next,
it will scan now. When the scan has finished, put a checkmark with all items it found. Next, after cleaning, allow it to Reboot

Start Superantispyware again -
Click Preferences and then click the statistics/logs tab.
Click the dated log and press view log and a text file will appear.

Post this log along with fresh hijackthis log, Dr.Web log and tell how things are running?

Look here how to block tracking cookies:
http://www.washingtonpost.com/wp-dyn/content/article/2005/07/16/AR2005071600111.html



Posted 8/5/2007 8:45 PM
#51491

deiv Member

Date Joined Nov 2016
Total Posts: 3
Well I think it's really messed up... and I'm quite frustrated... my internet isn't as slow, but I can't download properly.
I would say about 50% of my downloads will either get stuck, or complete but the file will be corrupted... I can't even download the superantispyware...

I would have to ask my cousin to e-mail it to me... Just like he sent me the Combofix... What could it be? Perhaps it's something with my settings?

I will soon post the logs.
Posted 8/7/2007 7:51 AM
#51577

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
I suggest you repair XP without loss of data -

http://www.michaelstevenstech.com/XPrepairinstall.htm


