something about files.. - computer help forum

Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Home / Software / Computer viruses and spyware / something about files..

0 Members and 2 Guests are viewing this topic.

« previous next »

Pages: 1 2 3 [All] - (Bottom)

Print

Author

Topic: something about files.. (Read 4338 times)

singthesame
Topic Starter

Rookie

Posts: 33

something about files..

« on: January 01, 2008, 04:31:05 PM »

My computer is the computer from *censored*. I swear, it's always messing up. Anyway, my latest problem is that I keep getting this pop-up that says something about some files being overwritten by unrecognized version and it tells me to inster my Professional XP CD2. I do not have that. I have all the stuff that came with the computer and that disk isn't in there. Well, everytime that pop-ups, my computer goes screwey. The start button and everything with it disappears and all the icons on my computer desktop disappear. It's really annoying. Has anyone else ever had this problem & what am I supposed to do?


	IP logged

SuperDave
Malware Removal Specialist
Moderator

Prodigy

Thanked: 617
Posts: 7,003

Certifications: List
Experience: Experienced
OS: Windows XP

Re: something about files..

« Reply #1 on: January 01, 2008, 04:35:50 PM »

More info please. What OS and what protection do you have?


	IP logged

AMD Athlon XP 1900+ 1.47 GHz 3 GB Ram Windows XP Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware and Threatfire with Comodo Firewall & Windows Defender

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #2 on: January 01, 2008, 04:36:29 PM »

Sorry, I'm not very computer smart so I have no idea what an OS is.

Okay, this is what I know about my computer. I have Windows XP & the CPU hardrive thing is an eMachines. I have McAfee. That's about all I know. This is what the pop-up thing says word for word:

Files that are required for Windows to run properly have been replaced by unrecognized versions. To maintain system stability, Windows must restore the original versions of these files.

Insert your Windows XP Professional CD2 now.


« Last Edit: January 01, 2008, 04:59:40 PM by singthesame »	IP logged

bones000sw
Guest

Re: something about files..

« Reply #3 on: January 01, 2008, 05:20:43 PM »

Have you tried running Windows Update?


	IP logged

jim

Beginner

Posts: 71

Re: something about files..

« Reply #4 on: January 01, 2008, 05:23:59 PM »

Or do what I told someone earlier...use the sfc command ...this scans all OS files & replaces ones that are corrupt..with your CD inserted of course to copy the files from....
Go to start/run type in sfc /scannow...& follow the promts.


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #5 on: January 01, 2008, 05:34:06 PM »

Do you have Windowx XP Service Pack 2 installed?


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #6 on: January 01, 2008, 09:18:46 PM »

jim, I ran that thing and it just popped up with that thing again. I don't have the CD so I can't do anything about it.

And Broni, I don't think so?


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #7 on: January 01, 2008, 09:29:02 PM »

You better get it. It's a very crucial update.
Get other Windows updates, as well.


	IP logged

My Home Page

patio
Moderator

Genius

Thanked: 1069
Posts: 11,354

Experience: Beginner
OS: Windows 7

Maud' Dib

Re: something about files..

« Reply #8 on: January 02, 2008, 07:05:20 AM »

To see if it's installed open My Computer...clik on Help/About Windows.


	IP logged

"
All generalizations are false, including this one. "

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #9 on: January 02, 2008, 10:09:12 AM »

It says:

Microsoft Windows Version 5.1 (Build 2600.xpsp_sp2_gdr.070227-2254 : Service Pack 2)

Does that mean it is installed?


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #10 on: January 02, 2008, 10:14:12 AM »

Yes. How about current Windows Updates?


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #11 on: January 02, 2008, 04:26:47 PM »

I don't know?


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #12 on: January 02, 2008, 04:48:31 PM »

Well, go Start>Windows Updates, and check.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #13 on: January 09, 2008, 01:39:02 PM »

I'm positive I have every update.
It still happens though.


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #14 on: January 09, 2008, 09:52:13 PM »

Let's see, if that computer is clean...

1. Run free ESET Online Scanner at: http://www.eset.com/onlinescan/
Note: This Scanner is for Internet Explorer Only
1. You will notice that the "Start" button is grayed out. Place a check mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it.
2. If it wants to install an ActiveX component allow it
3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation)
4. Once ActiveX control is installed click on the "Start" button to initialize the scanner
5. After initialization is complete uncheck\untick "Remove found threats"
6. Check\tick "Scan unwanted applications"
7. Click the "Scan" button
8. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt
Post ESET's log.

2. Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

Print these instructions out.

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
* Close SUPERAntiSpyware.

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

* Open SUPERAntiSpyware.
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply with a new HijackThis log.
* Click Close to exit the program.
Post SUPERAntiSpyware log.

3. Download HijackThis:
http://www.snapfiles.com/get/hijackthis.html
Post HijackThis log.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #15 on: January 10, 2008, 06:41:39 PM »

SUPERAntiSpyware

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/10/2008 at 08:30 PM

Application Version : 3.9.1008

Core Rules Database Version : 3377
Trace Rules Database Version: 1371

Scan type : Complete Scan
Total Scan Time : 04:32:11

Memory items scanned : 208
Memory threats detected : 2
Registry items scanned : 5993
Registry threats detected : 53
File items scanned : 129330
File threats detected : 547

Adware.Vundo Variant
   C:\WINDOWS\SYSTEM32\TUVVURO.DLL
   C:\WINDOWS\SYSTEM32\TUVVURO.DLL
   HKLM\Software\Classes\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
   HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
   HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32
   HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32#ThreadingModel
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
   Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\tuvvuro
   HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}

Adware.Vundo Variant/Resident
   C:\WINDOWS\SYSTEM32\HGGHI.DLL
   C:\WINDOWS\SYSTEM32\HGGHI.DLL

Trojan.Vundo/Variant-Installer
   [load] C:\WINDOWS\SYSTEM32\HGGHI.EXE
   C:\WINDOWS\SYSTEM32\HGGHI.EXE
   [load] C:\WINDOWS\SYSTEM32\HGGHI.EXE
   [load] C:\WINDOWS\SYSTEM32\HGGHI.EXE

Adware.AdSponsor/ISM
   HKLM\Software\Classes\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}#AppID
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\Implemented Categories
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\InprocServer32
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\InprocServer32#ThreadingModel
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\ProgID
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\TypeLib
   HKCR\CLSID\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}\VersionIndependentProgID
   C:\PROGRAM FILES\QDRDRIVE\QDRDRIVE9.DLL
   HKLM\Software\Classes\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}#AppID
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\InprocServer32
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\InprocServer32#ThreadingModel
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\ProgID
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\TypeLib
   HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\VersionIndependentProgID
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
   HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}
   HKU\S-1-5-21-365504065-2506061497-3192662561-1006\Software\Microsoft\Internet Explorer\Explorer Bars\{1FE2EBE5-42FF-4586-A144-CA420C84FF6A}
   HKU\S-1-5-21-365504065-2506061497-3192662561-1006\Software\Microsoft\Windows\CurrentVersion\Run#QdrPack11 [ "C:\Program Files\QdrPack\QdrPack11.exe" ]
   C:\Documents and Settings\Owner.Stephanie\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk
   C:\Documents and Settings\Owner.Stephanie\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk
   C:\Documents and Settings\Owner.Stephanie\Start Menu\Programs\Internet Speed Monitor
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX127.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX134.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX142.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX143.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX18F.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX191.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX196.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX197.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX1D7.TMP

[ Continued on next post ]


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #16 on: January 10, 2008, 06:43:27 PM »

   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX1D9.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX200.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX219.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX262.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX2AA.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX2B0.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX2B1.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX2EE.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX2F9.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX30B.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX33B.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX35B.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX37B.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX3A1.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX3BE.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX3E7.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX400.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX43F.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX443.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX483.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX487.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX4C8.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX4CD.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX50E.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX552.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX595.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX5D8.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX5F.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX60.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX61B.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX64.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX65F.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX69.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX74.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCX8A.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXB3.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXBA.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXC4.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXDA.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXF6.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXFA.TMP
   C:\DOCUMENTS AND SETTINGS\OWNER.STEPHANIE\LOCAL SETTINGS\TEMP\RCXFF.TMP

Adware.Vundo-Variant/Small-A
   HKLM\Software\Classes\CLSID\{bfe3f74f-a6cb-4afb-b998-a966852a5034}
   HKCR\CLSID\{BFE3F74F-A6CB-4AFB-B998-A966852A5034}
   HKCR\CLSID\{BFE3F74F-A6CB-4AFB-B998-A966852A5034}\InprocServer32
   HKCR\CLSID\{BFE3F74F-A6CB-4AFB-B998-A966852A5034}\InprocServer32#ThreadingModel
   C:\WINDOWS\SYSTEM32\KYOWJUOB.DLL
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfe3f74f-a6cb-4afb-b998-a966852a5034}

Adware.Vundo-Variant
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D74C69C-CF45-40A7-8FD9-15E4D775D9BA}
   HKCR\CLSID\{9D74C69C-CF45-40A7-8FD9-15E4D775D9BA}
   HKCR\CLSID\{9D74C69C-CF45-40A7-8FD9-15E4D775D9BA}\InprocServer32
   HKCR\CLSID\{9D74C69C-CF45-40A7-8FD9-15E4D775D9BA}\InprocServer32#ThreadingModel

Adware.Tracking Cookie
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@bizadverts[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@pro-market[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@a.websponsors[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@hornymatches[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ehg-eset.hitbox[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@edge.ru4[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@advertising[3].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@cgi-bin[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.evtv1[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@bannerfarm.ace.advertising[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ehg-nestlewaters.hitbox[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ad.zanox[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@yieldmanager[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@anounce.ron.clickshield[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adecn[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@enhance[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@media.adrevolver[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@bs.serving-sys[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.adbrite[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@server.iad.liveperson[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@51911977[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@21245[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@viavh1com.112.2o7[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@questionmarket[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@web4.realtracker[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ig[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@tremor.adbureau[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@systemerrorfixer[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@secure.advancedcleaner[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@media6degrees[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@toseeka[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@login.tracking101[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@tacoda[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adserver.easyad[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@realmedia[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@track.coolchaser[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@qksrv[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adserver[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@tribalfusion[3].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@mediatraffic[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@bluestreak[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@cgi-bin[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@advancedcleaner[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.monster[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@statcounter[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@2o7[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@specificclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@zedo[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.gametap[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@apmebf[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@commission-junction[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@fastclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@optimize.indieclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@classifiedventures1.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adlegend[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@mediamgr.ugo[1].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #17 on: January 10, 2008, 06:44:11 PM »

C:\Documents and Settings\Owner.Stephanie\Cookies\owner@eyewonder[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@richmedia.yahoo[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@interclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@revsci[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@atdmt[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@tgn.122.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@anat.tacoda[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@rotator.adjuggler[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@1069788656[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.realtechnetwork[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@gateway.122.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@html[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adbrite[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@statse.webtrendslive[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adinterax[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@fliptrack[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@a[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@weborama[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adopt.specificclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@hitbox[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@3.adbrite[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adopt.euroclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adrevolver[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@adrevolver[3].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@trafficmp[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ad[3].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ads.pointroll[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@casalemedia[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@mediaplex[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@www.burstnet[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@consumergain[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@atwola[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@sixapart.adbureau[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@youporn[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@overture[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@homestore.122.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@doubleclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@maxis.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@ad.yieldmanager[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@anad.tacoda[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@stats.sellmosoft[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@serving-sys[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@superstats[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@21244[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@www.admedia365[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@viamtvnvideo.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@secure.systemerrorfixer[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@indiads[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@eas.apm.emediate[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@affiliatebot[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@media.mtvnservices[1].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@advertising[2].txt
   C:\Documents and Settings\Owner.Stephanie\Cookies\owner@tribalfusion[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@4.adbrite[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ad.yieldmanager[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adbrite[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adlegend[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adopt.euroclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adopt.specificclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adrevolver[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adrevolver[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ads.adbrite[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ads.addynamix[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ads.adfox[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ads.pointroll[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ads.sup[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@adserver[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@advertising[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@anad.tacoda[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@anat.tacoda[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@apmebf[1].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #18 on: January 10, 2008, 06:44:41 PM »

   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@atdmt[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@atwola[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@bannerfarm.ace.advertising[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@bluestreak[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@bs.serving-sys[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@burstnet[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@casalemedia[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@collective-media[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@cz4.clickzs[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@doubleclick[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@eas.apm.emediate[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@edge.ru4[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@ehg-hollywood.hitbox[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@electronicarts.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@eyewonder[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@fastclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@gateway.122.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@gostats[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@homestore.122.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@interclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@letomedia.greatestjournal[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@m1.webstats.motigo[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@maxis.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@media.adrevolver[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@media6degrees[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@mediaplex[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@optimize.indieclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@prospect.adbureau[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@questionmarket[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@realmedia[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@revsci[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@richmedia.yahoo[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@rotator.adjuggler[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@serving-sys[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@shopping.112.2o7[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@sixapart.adbureau[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@specificclick[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@stat.dealtime[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@statcounter[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@tacoda[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@teenidols4you[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@trafficmp[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@tremor.adbureau[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@tribalfusion[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@tripod[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@www.burstbeacon[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@www.burstnet[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@www.clickxchange[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@www.teenidols4you[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@www.tns-counter[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@xiti[1].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@yieldmanager[2].txt
   C:\Documents and Settings\Owner.Stephanie\Local Settings\Temp\Cookies\owner@zedo[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@19searchfeed[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@2adultflashgames[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@3.adbrite[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@4.adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ad-indicator[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ad.roiworld[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ad.zanox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@adinterax[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.bridgetrack[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.cnn[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.domainsuite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.fashionriot[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.k8l[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.monster[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.realtechnetwork[1].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #19 on: January 10, 2008, 06:45:13 PM »

C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.tripod.lycos.co[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.univision[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads.us.e-planning[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ads2.k8l[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@adsby.zwoops[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@adserver.easyad[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@affiliate.budsinc[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@anad.tacoda[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@anat.tacoda[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@banners.broadwayworld[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@bne.finditquick.primosearch[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@clicksfeed[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@clicksor[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@collective-media[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@eas.apm.emediate[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-dig.hitbox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-foxsports.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-gatehousemedia.hitbox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-hollywoodmedia.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-myspaceinc.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-verizon.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@ehg-youtube.hitbox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@eyewonder[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@find-a-pb.greatestjournal[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@find-icons.greatestjournal[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@hairfinder[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@hg1.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@indextools[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@interclick[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@kanoodle[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@linkto.mediafire[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@login.tracking101[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@m1.webstats.motigo[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@media.mtvnservices[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@media6degrees[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@mediafire[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@mediatraffic[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@modelmedia.greatestjournal[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@mystupidfuck.greatestjournal[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@network.rpowermedia[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@optimize.indieclick[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@partner2profit[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@path.pureadstracking[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@*censored*[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@primeclickz[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@publishers.clickbooth[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@revenuesense[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@revsci[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@richmedia.yahoo[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@smartadserver[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@tagiq.clickforensics[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@teenidols4you[1].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #20 on: January 10, 2008, 06:45:44 PM »

C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@theliteracysite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@tour.*censored*[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@tracker.wheretheheckareyou[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.admedia365[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.adtrak[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.fpcclicks[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.levelclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.mediafire[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.teenidols4you[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.theliteracysite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@www.ticketsnow[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Cookies\owner@youporn[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@008.free-counter.co[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2.adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@247realmedia[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@4.adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ad.xplusone[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ad.yieldmanager[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adbrite[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adinterax[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adlegend[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adopt.euroclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adopt.specificclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adrevolver[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adrevolver[3].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.adbrite[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.addynamix[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.admodus[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.bridgetrack[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.e-planning[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.monster[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads.pointroll[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ads3.blastro[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adserver.easyad[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adserver4.teracent[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adserver[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@adtech[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@advertising[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@anad.tacoda[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@anat.tacoda[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@as-eu.falkag[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@as-us.falkag[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@atdmt[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@atwola[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@azoogleads[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@bannerads.zwire[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@bannerads[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@bluestreak[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@brightcove.112.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@bs.serving-sys[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@burstnet[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@casalemedia[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@cbs.112.2o7[1].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #21 on: January 10, 2008, 06:46:17 PM »

C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@collective-media[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@counter.hitslink[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@dash.revsci[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@doubleclick[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@eas.apm.emediate[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@edge.ru4[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ehg-comcast.hitbox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ehg-foxsports.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ehg-samsungusa.hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ehg-upcchellomedia.hitbox[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ez-tracks[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@fastclick[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@hitbox[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@i.screensavers[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@interclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@journalregistercompany.122.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@keywordmax[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@login.tracking101[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@lynxtrack[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@m1.webstats.motigo[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@maxis.112.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@maxserving[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@media.adrevolver[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@media6degrees[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mediaplex[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mediaservices.myspace[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@monstercom.112.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mycounter.tinycounter[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mywebsearch[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@nextag[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@oasc02.247realmedia[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@oddcast[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@onetoone.112.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@overture[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@partner2profit[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@perf.overture[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@questionmarket[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@realmedia[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@reduxads.valuead[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@revenue[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@revsci[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@richmedia.yahoo[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@roiservice[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@rotator.adjuggler[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@samsung.112.2o7[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@screensavers[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@serving-sys[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@sixapart.adbureau[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@specificclick[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@stat.onestat[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@statcounter[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@stats.channel4[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@superstats[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@tacoda[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@theliteracysite[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@tradedoubler[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@trafficmp[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@tremor.adbureau[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@tribalfusion[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@try.screensavers[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@vhost.oddcast[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@weborama[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@winantispyware[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.burstbeacon[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.burstnet[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.clickxchange[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.ez-tracks[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.theliteracysite[2].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@www.tns-counter[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@youporn[1].txt
   C:\My Backup -- 07-11-21 0652PM\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@zedo[2].txt


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #22 on: January 10, 2008, 06:46:52 PM »

Adware.ClickSpring/Outer Info Network
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion

Adware.WsnPoem
   C:\WINDOWS\system32\wsnpoem\audio.dll
   C:\WINDOWS\system32\wsnpoem\audio.dll.cla
   C:\WINDOWS\system32\wsnpoem\video.dll
   C:\WINDOWS\system32\wsnpoem

Trojan.Unclassified/PackedInstaller
   C:\MY BACKUP -- 07-11-21 0652PM\APP.EXE

Trojan.ZenoSearch
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AOL\C_AMERICA ONLINE 9.0A\OPTCLEAN.EXE

Trojan.Unknown Origin
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\NORTON ANTIVIRUS\QUARANTINE\PORTAL\506043E0.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO108.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO109.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO10A.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO10B.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO10D.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO142.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO143.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO144.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO145.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO146.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO162.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO163.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO164.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO165.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO166.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1A5.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1A6.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1A8.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1A9.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1AB.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1BA.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1BB.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1BC.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1BD.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO1BE.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO222.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO223.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO224.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO225.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO226.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO23.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO24.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO25.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO26.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO29.TMP


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #23 on: January 10, 2008, 06:47:09 PM »

C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO2A.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO2B.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO2C.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO2E.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO2F.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO30.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO32.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO33.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO34.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO35.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO38.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO39.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO3B.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO3C.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO3D.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO3E.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO3F.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO40.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO41.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO42.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO43.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO44.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO46.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO47.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO48.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO6.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO6A.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO7.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO8.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICO9.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOA.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOC6.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOC7.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOC8.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOC9.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOCA.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOCB.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOCC.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOCE.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOCF.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\ICOD0.TMP
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\G5Y3W5M7\TTC-4444[1].EXE

Malware.LocusSoftware Inc/BestSellerAntivirus
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\MOFUGCLQ.EXE
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMP\QRJATYDI.EXE

Trojan.ZQuest-Installer
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\C1Q70PAR\TK58[1].EXE

Adware.RAC
   C:\MY BACKUP -- 07-11-21 0652PM\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\G5Y3W5M7\83122[1].EXE

Trojan.ZQuest
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP304.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP418.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP585.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP660.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP766.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\LAWUGEP91.DLL

Adware.k8l
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MESSENGER\PROGYRTAJ.HTML

Adware.MyWebSearch
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\MYWEBSEARCH\BAR\3.BIN\MWSOEMON.EXE

Trojan.NewDotNet
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\NEWDOTNET\NEWDOTNET6_38.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\NEWDOTNET\NEWDOTNET7_48.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\NEWDOTNET\UNINSTALL6_38.EXE
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\NEWDOTNET\UNINSTALL7_48.EXE

Worm.Rbot Variant
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\UY.EXE

Adware.WebBuying Assistant-Installer
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\WEB BUYING\V1.8.6\WBUNINST.EXE
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\WEB BUYING\V1.8.6\WEBBUYING.EXE

Unclassified.Unknown Origin
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\WINDOWS PLUS\HOLEM4444.DLL
   C:\MY BACKUP -- 07-11-21 0652PM\PROGRAM FILES\WINDOWS PLUS\HOLEM83122.DLL


	IP logged

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #24 on: January 10, 2008, 06:47:39 PM »

Hijack this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:52:45 PM, on 1/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\ehome\ehtray .exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\BigFix\BigFix.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent .exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F3 - REG:win.ini: load=C:\WINDOWS\system32\hgghi.exe
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1195723428\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAGE~1.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [887ce0e2] rundll32.exe "C:\WINDOWS\system32\jdacdspu.dll",b
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [QdrModule11] "C:\Program Files\QdrModule\QdrModule11.exe"
O4 - HKCU\..\Run: [QdrPack11] "C:\Program Files\QdrPack\QdrPack11.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Ubisoft register.lnk = C:\Program Files\Ubisoft\Register\schedule.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim .exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - C:\Program Files\RcvSystem\httpdchk.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ttkjifgv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 9349 bytes


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #25 on: January 10, 2008, 08:08:40 PM »

ESET scan log is missing. I need that, too.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #26 on: January 14, 2008, 01:26:02 PM »

I ran that ESET thing, but it seems to hate me. This is the third time I've tried and the only thing in the files was debuglog and that only had:

# vers_standard_module=2788 (20080113)
# vers_arch_module=1.061 (20080110)
# vers_adv_heur_module=1.064 (20070717)

I don't think that's what you were looking for. It was running last night and then it just closed, so I don't think it worked. But I thought I'd ask or whatever before I did it again for the fourth time.


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #27 on: January 14, 2008, 07:56:21 PM »

1. Print this post out, since you won't have an access to it, at some point.

2. Close all windows, except for HijackThis.

2a. Go to Control Panel>Add\Remove.
Uninstall any of the following programs associated with Viewpoint:
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar

3. Put a checkmark next to the following HijackThis entries:

- F3 - REG:win.ini: load=C:\WINDOWS\system32\hgghi.exe

- O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

- O4 - HKLM\..\Run: [887ce0e2] rundll32.exe "C:\WINDOWS\system32\jdacdspu.dll",b

- O4 - HKCU\..\Run: [QdrModule11] "C:\Program Files\QdrModule\QdrModule11.exe"

- O4 - HKCU\..\Run: [QdrPack11] "C:\Program Files\QdrPack\QdrPack11.exe"

- O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

- O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

- O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - C:\Program Files\RcvSystem\httpdchk.dll

- O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\ttkjifgv.exe (file missing)

- O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

4. Click on "Fix checked" button.

5. Restart your computer in Safe Mode (keep tapping F8 key, when your computer starts)

6. Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to "Show hidden files, and folders".

7. Delete following files/folders (if present):

- jdacdspu.dll, hgghi.exe files from C:\WINDOWS\system32

- QdrPack, QdrModule, RcvSystem folders from C:\Program Files

8. Turn off System Restore:

- Windows XP:
   1. Click Start.
   2. Right-click the My Computer icon, and then click Properties.
   3. Click the System Restore tab.
   4. Check "Turn off System Restore".
   5. Click Apply.
   6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
   7. Click OK.
- Windows Vista:
   1. Click Start.
   2. Right-click the Computer icon, and then click Properties.
   3. Click on System Protection under the Tasks column on the left side
   4. Click on Continue on the "User Account Control" window that pops up
   5. Under the System Protection tab, find Available Disks
   6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
   7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
   8. Click OK

9. Restart in Normal Mode.

10. Turn System Restore on.

11. Run HijackThis again, and post back its log back here.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #28 on: January 16, 2008, 07:45:24 PM »

Before I do all that, I have a question.
I did a system restore before and I had backup files made. I think that might be part of the problem since I had to do the restore due to viruses. If I delete those backup files, would it affect my computer in anyway or would it even help?


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #29 on: January 16, 2008, 07:49:05 PM »

By turning System Restore off, you make sure, that IF you had any infection, and you need to use System Restore in the future, new Restore Points won't return your computer to infected state.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #30 on: January 23, 2008, 06:58:42 PM »

Well what am I supposed to click so i can check that when Hijackthis comes up?


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #31 on: January 23, 2008, 07:21:20 PM »

Say again, please. I'm not sure, I understand your question.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #32 on: January 23, 2008, 07:26:20 PM »

You want me to check those things in Hijack this to get fixed. Well, when I open up Hijack this, what do I click so I can do that? These are the things I get:

Do a system scan and save a log file
Do a system scan only
View the list of backups
Open the Misc Tools section
Open online HijackThis QuickStart
None of the above, just start the program


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #33 on: January 23, 2008, 07:29:04 PM »

You go:
Do a system scan only


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #34 on: January 23, 2008, 07:51:15 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:40 PM, on 1/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\ehome\ehtray.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\ehome\ehtray .exe
C:\WINDOWS\system32\RUNDLL32.EXE
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
C:\PROGRA~1\McAfee.com\Agent\mcagent .exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1195723428\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAGE~1.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim .exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - C:\Program Files\RcvSystem\httpdchk.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 8443 bytes


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #35 on: January 23, 2008, 08:17:09 PM »

It looks much better....

Download Combofix.exe(http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your desktop.
Physically disconnect from the internet.
Now STOP all your monitoring programs (Firewall, Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe, and follow the prompts.
A window will open with a warning. Type "1" (and Enter) to start the fix.
When the scan completes it will open a text window.
Please attach that log back here together with a fresh HJT log.
Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Combofix will automatically save the log file to C:\combofix.txt
Attach its log.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #36 on: January 27, 2008, 04:26:37 PM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:25:33 PM, on 1/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1195723428\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAGE~1.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim .exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 9103 bytes

[file cleanup - saving space - attachment deleted by admin]


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #37 on: January 27, 2008, 08:52:04 PM »

It looks nice, and clean.

Last step...
1. Download, and install CCleaner: http://www.ccleaner.com/download/builds. Get "Slim" version.
2. Read CCleaner instruction here: http://www.jahewi.nl/ccleaner/ccleaner.html, and run CCleaner

Report back about your computer overall behavior.


	IP logged

My Home Page

singthesame
Topic Starter

Rookie

Posts: 33

Re: something about files..

« Reply #38 on: January 28, 2008, 07:11:10 PM »

For the last like day and a half it seems to be running fine now. The bottom taskbar isn't disappearing and I don't have to restart every five minutes, so hopefully it's fixed.


	IP logged

Broni

Mastermind

Thanked: 610
Posts: 28,751

Computer: Specs
Experience: Experienced
OS: Windows Vista

Kraków my love :)

Re: something about files..

« Reply #39 on: January 28, 2008, 07:18:25 PM »

Great! Happy computing, then...


	IP logged

My Home Page

Pages: 1 2 3 [All] - (Top)

Print

Home / Software / Computer viruses and spyware / something about files..	« previous next »

Old Forum Search | Forum Rules
Copyright © 2010 Computer Hope ® All rights reserved.
Powered by SMF 2.0 RC3 | SMF © 2006–2010, Simple Machines LLC

Page created in 0.56 seconds with 20 queries.