Marie1121

Members
  • Content Count

    12
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Marie1121

  • Rank
    Member
  1. Thanks Charles I think so to, I know where to come when I need some good advice with easy instructions to follow. If you ever feel the need to be adopted you know Im here....lol Take care Marie
  2. I manged to delete it in safe mode, then rebooted the I to figured out that its part of my ntlNetguard package OMG....... so I went into the recyle bin, restored file and all seems to be fine...how blonde am I... Thanks for all the help Charles I really appreciate it. Could I adopt you... hehehehehee
  3. Thanks Charles - Ive been using the pc most of the day and I havent had any problems It wont let me delete PestPatrol folder - Its asking me to check disk or if its currently in use The folder is in C:\Program Files\common files\PestPatrol can I use the hijackthis thingy? Ive just done a google search on this and other people seem to have the same problem ----------------------------------------------------------- I have spybot Search & destroy I thought that would have found most of them but when I ran Panda there was more on there. Take care
  4. Thanks Charles, I have done what you said - I dont know why PestPatol is still on my system I removed that ages ago. Everything seems to be fine so far. I would like to say a big THANK YOU for taking the time to help me - your instructions are really easy to follow, even for someone like me. Regards Marie
  5. Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB0.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB1.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB3.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB4.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB5.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB6.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB7.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB8.tmp Spyware:Cookie/Adviva Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQB9.tmp Spyware:Cookie/SexList Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQBA.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQBC.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQBD.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQBE.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQBF.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC0.tmp Spyware:Cookie/Clicktracks Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC1.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC2.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC3.tmp Spyware:Cookie/WUpd Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC5.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC6.tmp Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC7.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQC9.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCA.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCB.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCC.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCD.tmp Spyware:Cookie/XXXCounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCE.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQCF.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD0.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD1.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD2.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD3.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD4.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD5.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD6.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD8.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQD9.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQDA.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQDB.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQDC.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQDD.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQDE.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE.tmp Spyware:Cookie/FastClick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE0.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE1.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE2.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE3.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE4.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE5.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE6.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE7.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE8.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQE9.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQEA.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQEB.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQEC.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQED.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQEF.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF.tmp Spyware:Cookie/FastClick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF0.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF1.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF2.tmp Spyware:Cookie/Maxserving Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF3.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF4.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF5.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF6.tmp Spyware:Cookie/Humanclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF8.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQF9.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFA.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFB.tmp Spyware:Cookie/PayCounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFC.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFD.tmp Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFE.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQFF.tmp Adware:Adware/888Bar Not disinfected C:\Program Files\Common Files\{38544E4A-0688-2057-1028-04110503002c}\Bar888.dll Adware:Adware/888Bar Not disinfected C:\Program Files\Common Files\{38544E4A-0688-2057-1028-04110503002c}\UnInstall.exe Adware:Adware/ActiveSearch Not disinfected C:\RECYCLER\S-1-5-18\Dc1\system.dll Adware:Adware/888Bar Not disinfected C:\RECYCLER\S-1-5-18\Dc1\Update.exe Adware:Adware/ActiveSearch Not disinfected C:\RECYCLER\S-1-5-18\Dc2\system.dll Adware:Adware/ActiveSearch Not disinfected C:\RECYCLER\S-1-5-18\Dc3\system.dll Adware:Adware/888Bar Not disinfected C:\tdd.exe
  6. Cont.... Spyware:Cookie/WUpd Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ40.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ41.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ411.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ42.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ43.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ439.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ44.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ45.tmp Spyware:Cookie/bravenetA Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ46.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ47.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ48.tmp Spyware:Cookie/onestat.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ49.tmp Spyware:Cookie/Maxserving Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4A.tmp Spyware:Cookie/Weborama Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4B.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4C.tmp Spyware:Cookie/bravenetA Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4D.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4E.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ4F.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ50.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ51.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ52.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ53.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ54.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ55.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ56.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ567.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ57.tmp Spyware:Cookie/MetriWeb Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ57A.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ57F.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ58.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ581.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ582.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ583.tmp Spyware:Cookie/bravenetA Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ586.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ587.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ59.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ5A.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ5B.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ5C.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ5D.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ61.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ62.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ63.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ65.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ66.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ67.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ68.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ69.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6A.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6B.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6C.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6D.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6E.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ6F.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ70.tmp Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ71.tmp Spyware:Cookie/WUpd Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ72.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ73.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ74.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ75.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ76.tmp Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ77.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ78.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ79.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7A.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7B.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7C.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7D.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7E.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ7F.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ80.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ81.tmp Spyware:Cookie/Zedo Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ82.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ83.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ84.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ85.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ86.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ87.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ88.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ89.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8A.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8B.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8C.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8D.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8E.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ8F.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ90.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ92.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ93.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ94.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ95.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ96.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ97.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ98.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ99.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9A.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9B.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9C.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9D.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9E.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ9F.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA0.tmp Spyware:Cookie/PayCounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA1.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA2.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA3.tmp Spyware:Cookie/WUpd Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA4.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA6.tmp Spyware:Cookie/Adviva Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA7.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQA8.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQAB.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQAC.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQAD.tmp Spyware:Cookie/Adviva Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQAE.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQAF.tmp
  7. The Panda Scan Report Log I have to do this is a couple of message as its too big... is this what you want? Incident Status Location Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Penfold\Cookies\[email protected][1].txt Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][1].txt Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][2].txt Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][2].txt Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][1].txt Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][1].txt Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Suede\Cookies\[email protected][2].txt Virus:W32/SimpleP2P.A.worm Disinfected C:\Documents and Settings\Suede\My Documents\New Folder\run.exe Virus:W32/SimpleP2P.A.worm Disinfected C:\Documents and Settings\Suede\My Documents\New Folder\td.exe Virus:W32/SimpleP2P.A.worm Disinfected C:\Documents and Settings\Suede\My Documents\New Folder\Warhammer 40000-Dawn Of War-Dark Crusade (Crack + Serial).exe Virus:W32/SimpleP2P.A.worm Disinfected C:\Documents and Settings\Suede\My Documents\New Folder\Warhammer 40000-Dawn Of War-Dark Crusade (Crack + Serial).zip[Warhammer 40000-Dawn Of War-Dark Crusade (Crack + Serial).exe] Adware:Adware/Seekmo Not disinfected C:\Documents and Settings\Suede\My Documents\New Folder\zgo.exe Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ10.tmp Spyware:Cookie/FastClick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ100.tmp Spyware:Cookie/Hitbox Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ101.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ103.tmp Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ104.tmp Spyware:Cookie/Traffic Marketplace Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ105.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ10A.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ10F.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ11.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ110.tmp Spyware:Cookie/HotLog Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ111.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ112.tmp Spyware:Cookie/SexList Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ113.tmp Spyware:Cookie/SexList Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ115.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ11A.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ11D.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ12.tmp Spyware:Cookie/CentrPort Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ125.tmp Spyware:Cookie/WUpd Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ126.tmp Spyware:Cookie/Mammamediasolutions Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ127.tmp Spyware:Cookie/PayCounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ128.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ12A.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ12B.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ12F.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ13.tmp Spyware:Cookie/HotLog Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ130.tmp Spyware:Cookie/SpyLog Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ131.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ134.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ136.tmp Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ13F.tmp Spyware:Cookie/PointRoll Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ14.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ142.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ143.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ145.tmp Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ146.tmp Spyware:Cookie/BurstNet Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ14E.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ15.tmp Hacktool:Exploit/ByteVerify Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ15D.tmp[Gummy.class] Hacktool:Exploit/ByteVerify Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ15D.tmp[Counter.class] Hacktool:Exploit/ByteVerify Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ15D.tmp[VerifierBug.class] Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ16.tmp Spyware:Cookie/BurstNet Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ167.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ17.tmp Spyware:Cookie/bravenetA Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ179.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ17A.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ18.tmp Spyware:Cookie/HotLog Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ181.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ187.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ19.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1A.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1B.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1C.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1D.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1E.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1ED.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ1F.tmp Spyware:Cookie/bravenetA Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ20.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ21.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ211.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ22.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ23.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ24.tmp Spyware:Cookie/Falkag Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ245.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ25.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ251.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ268.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ27.tmp Spyware:Cookie/Weborama Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ272.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ28.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ29.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ29C.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2A.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2B.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2C.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2CC.tmp Spyware:Cookie/Adtech Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2D.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2E.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2F8.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2F9.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ2FA.tmp Spyware:Cookie/FortuneCity Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ30.tmp Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ31.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ32.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ33.tmp Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ33D.tmp Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ33E.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ34.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ35.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ35F.tmp Spyware:Cookie/Inet-Traffic Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ36.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ360.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ361.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ362.tmp Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ363.tmp Spyware:Cookie/Sextracker Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ364.tmp Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ365.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ367.tmp Spyware:Cookie/Advertising Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ369.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ36A.tmp Spyware:Cookie/FastClick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ36B.tmp Spyware:Cookie/Com.com Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ37.tmp Spyware:Cookie/HotLog Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ38.tmp Spyware:Cookie/RealMedia Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ39.tmp Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ392.tmp Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ393.tmp Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ394.tmp Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3A.tmp Spyware:Cookie/2o7 Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3B.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3B5.tmp Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3C.tmp Spyware:Cookie/Statcounter Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3D.tmp Spyware:Cookie/YieldManager Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3E.tmp Spyware:Cookie/Humanclick Not disinfected C:\Program Files\Common Files\PestPatrol\Quarantine\ZQ3F.tmp
  8. The New HIJACKTHIS log file Thanks Charles Logfile of HijackThis v1.99.1 Scan saved at 22:38:08, on 24/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\ntl\ntl Netguard\fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Command Software\dvpapi.exe C:\WINDOWS\system32\RioMSC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ntl\ntl Netguard\RPS.exe C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe C:\Program Files\Multimedia Combo Set\MouseDrv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Marie\My Documents\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig?hl=en R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe" O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set\MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by113fd.bay113.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155215277015 O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37900.cab O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
  9. Thanks Charles, no worries I thought you were busy thats all, wasnt sure. Im going to do this now and get back to you. THanks for helping
  10. Here they are Charlie, sorry it took so long AD-AWARE Ad-Aware SE Build 1.06r1 Logfile Created on:23 January 2007 17:14:31 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R145 17.01.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Softomate Toolbar(TAC index:9):1 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 23-01-2007 17:14:31 - Scan started. (Full System Scan) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 756 ThreadCreationTime : 23-01-2007 17:13:53 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 808 ThreadCreationTime : 23-01-2007 17:13:54 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 832 ThreadCreationTime : 23-01-2007 17:13:55 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 884 ThreadCreationTime : 23-01-2007 17:13:55 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 896 ThreadCreationTime : 23-01-2007 17:13:55 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1052 ThreadCreationTime : 23-01-2007 17:13:56 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1108 ThreadCreationTime : 23-01-2007 17:13:56 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1200 ThreadCreationTime : 23-01-2007 17:13:56 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [incdsrv.exe] FilePath : C:\Program Files\Ahead\InCD\ ProcessID : 1224 ThreadCreationTime : 23-01-2007 17:13:56 BasePriority : Normal FileVersion : 4, 3, 20, 1 ProductVersion : 4, 3, 20, 1 ProductName : Nero AG incdsrv CompanyName : Nero AG FileDescription : incdsrv InternalName : incdsrv LegalCopyright : Copyright 1995-2005 Nero AG and its licensors. All Rights Reserved. LegalTrademarks : InCD is a trademark of Nero AG OriginalFilename : incdsrv.exe #:10 [fws.exe] FilePath : C:\Program Files\ntl\ntl Netguard\ ProcessID : 1348 ThreadCreationTime : 23-01-2007 17:13:58 BasePriority : Normal FileVersion : 5.2.0.45264 ProductVersion : 5.2.0.45264 ProductName : Radialpoint Security Services 5.2.0 CompanyName : Radialpoint Inc. FileDescription : Radialpoint 5.2.0 InternalName : Radialpoint Client LegalCopyright : Copyright © 2002-2005 LegalTrademarks : Radialpoint Inc. OriginalFilename : Freedom.exe #:11 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1416 ThreadCreationTime : 23-01-2007 17:13:58 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:12 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1524 ThreadCreationTime : 23-01-2007 17:13:58 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:13 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1820 ThreadCreationTime : 23-01-2007 17:14:01 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:14 [cdantsrv.exe] FilePath : C:\WINDOWS\system32\DRIVERS\ ProcessID : 2012 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 3.24.010 ProductVersion : 3.24.010 Windows NT 2001/10/10 ProductName : CD-Secure/CD-Compress Windows NT CompanyName : C-Dilla Ltd FileDescription : C-Dilla RTS Service InternalName : CDANTSRV LegalCopyright : Copyright © Macrovision 1993-2001 OriginalFilename : CDANTSRV.EXE Comments : StringFileInfo: U.S. English #:15 [svchosts.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2028 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal #:16 [ctsvccda.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 228 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 1.0.1.0 ProductVersion : 1.0.0.0 ProductName : Creative Service for CDROM Access CompanyName : Creative Technology Ltd FileDescription : Creative Service for CDROM Access InternalName : CTsvcCDAEXE LegalCopyright : Copyright © Creative Technology Ltd., 1999. All rights reserved. OriginalFilename : CTsvcCDA.EXE #:17 [dvpapi.exe] FilePath : C:\Program Files\Common Files\Command Software\ ProcessID : 256 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal #:18 [riomsc.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 332 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 2.92 build 2 ProductVersion : 2.92 build 2 ProductName : Rio Mass Storage Class Device Manager CompanyName : Digital Networks North America, Inc. FileDescription : Rio Mass Storage Class Device Manager InternalName : RioMSC LegalCopyright : © 2003-2004 Digital Networks North America, Inc. OriginalFilename : RioMSC.EXE Comments : http://www.rioaudio.com/ #:19 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 388 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:20 [wdfmgr.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 468 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:21 [uphclean.exe] FilePath : C:\Program Files\UPHClean\ ProcessID : 584 ThreadCreationTime : 23-01-2007 17:14:02 BasePriority : Normal FileVersion : 1.6.30.0 ProductVersion : 1.6.30.0 ProductName : User Profile Hive Cleanup Service CompanyName : Microsoft Corporation FileDescription : User Profile Hive Cleanup Service InternalName : uphclean.exe LegalCopyright : Copyright © Microsoft Corp. 2003 - 2005 OriginalFilename : uphclean.exe #:22 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1008 ThreadCreationTime : 23-01-2007 17:14:04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:23 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1388 ThreadCreationTime : 23-01-2007 17:14:06 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:24 [wmiprvse.exe] FilePath : C:\WINDOWS\System32\wbem\ ProcessID : 1560 ThreadCreationTime : 23-01-2007 17:14:07 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : Wmiprvse.exe #:25 [rps.exe] FilePath : C:\Program Files\ntl\ntl Netguard\ ProcessID : 1916 ThreadCreationTime : 23-01-2007 17:14:07 BasePriority : Normal FileVersion : 5.2.0.45264 ProductVersion : 5.2.0.45264 ProductName : ntl Netguard CompanyName : ntl FileDescription : ntl Netguard InternalName : Radialpoint Client LegalCopyright : Copyright © 2002-2005 LegalTrademarks : Radialpoint Inc. OriginalFilename : Freedom.exe #:26 [ps2usbkbddrv.exe] FilePath : C:\Program Files\Multimedia Combo Set\ ProcessID : 1924 ThreadCreationTime : 23-01-2007 17:14:07 BasePriority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 #:27 [mousedrv.exe] FilePath : C:\Program Files\Multimedia Combo Set\ ProcessID : 1956 ThreadCreationTime : 23-01-2007 17:14:07 BasePriority : Normal FileVersion : 2.3 ProductVersion : 2.3 ProductName : 5 Key Mouse Driver FileDescription : 5 Key Mouse Driver InternalName : MouseDrv LegalCopyright : Copyright © 2003-2004 OriginalFilename : MouseDrv.EXE #:28 [e_fati9xe.exe] FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\ ProcessID : 1900 ThreadCreationTime : 23-01-2007 17:14:07 BasePriority : Normal FileVersion : 3.00 ProductVersion : 3.00 ProductName : EPSON Status Monitor 3 CompanyName : SEIKO EPSON CORPORATION FileDescription : EPSON Status Monitor 3 InternalName : E_S5I0X1 LegalCopyright : Copyright © SEIKO EPSON CORP. 2004 OriginalFilename : E_S5I0X1.EXE #:29 [update.exe] FilePath : C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\ ProcessID : 204 ThreadCreationTime : 23-01-2007 17:14:08 BasePriority : Normal Softomate Toolbar Object Recognized! Type : Process Data : Update.exe TAC Rating : 9 Category : Data Miner Comment : Adware_Dloader-9.exe.dmp Object : C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\ Warning! Softomate Toolbar Object found in memory(C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe) "C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe"Process terminated successfully "C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe"Process terminated successfully #:30 [googletoolbarnotifier.exe] FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\ ProcessID : 240 ThreadCreationTime : 23-01-2007 17:14:08 BasePriority : Normal FileVersion : 1, 2, 908, 5008 ProductVersion : 1, 2, 908, 5008 ProductName : GoogleToolbarNotifier CompanyName : Google Inc. FileDescription : GoogleToolbarNotifier LegalCopyright : Copyright © 2005-2006 OriginalFilename : GoogleToolbarNotifier.exe #:31 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 1516 ThreadCreationTime : 23-01-2007 17:14:10 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 1 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 1 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 1 17:28:19 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:13:47.828 Objects scanned:170484 Objects identified:1 Objects ignored:0 New critical objects:1 HIJACKTHIS Logfile of HijackThis v1.99.1 Scan saved at 17:29:23, on 23/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\ntl\ntl Netguard\fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\svchosts.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Command Software\dvpapi.exe C:\WINDOWS\system32\RioMSC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ntl\ntl Netguard\RPS.exe C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe C:\Program Files\Multimedia Combo Set\MouseDrv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\WINDOWS\system32\sol.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Marie\My Documents\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe" O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set\MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320" O4 - HKLM\..\Run: [{98544E4A-0688-2057-1028-04110503002c}] "C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe" te-110-12-0000245 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by113fd.bay113.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155215277015 O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37900.cab O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
  11. Hi this is my first post and Im unsure - please be gentle I have winXP sp2 I use ntlNetguard as my for my virus software, firewall etc And Im using the latest version of Ad-Aware SE Personal Also use Spybot - Search & Destroy I dont know how long I have had this virus/trojan Im unsure what it is, but from reading about it, it is a problem, please can you help me. I have dont what you said, I have created my folder, done the hijackthis and saved the log and this is it: Before we start - I would like to thank you for taking the time to help, Im really nervous about this so here goes...lol -------------------------------------------------------------------------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 14:20:31, on 23/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\ntl\ntl Netguard\fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\svchosts.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Command Software\dvpapi.exe C:\WINDOWS\system32\RioMSC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ntl\ntl Netguard\RPS.exe C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe C:\Program Files\Multimedia Combo Set\MouseDrv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Marie\My Documents\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\ntl\ntl Netguard\pkR.dll O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\ntl\ntl Netguard\FBHR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [ntl Netguard] "C:\Program Files\ntl\ntl Netguard\RPS.exe" O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set\MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9XE.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320" O4 - HKLM\..\Run: [{98544E4A-0688-2057-1028-04110503002c}] "C:\Program Files\Common Files\{98544E4A-0688-2057-1028-04110503002c}\Update.exe" te-110-12-0000245 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} (Webshots Multiple Media Uploader - Container) - http://community.webshots.com/html/atx/wsaxcontrol.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by113fd.bay113.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1155215277015 O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37900.cab O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\ntl\ntl Netguard\fws.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe EDIT: Moved to the HijackThis Logs forum -- rookie147