Jump to content

clannie

Members
  • Posts

    13
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks again,no need to worry then.
  2. Hello I came here before and got help, hoping you can help me again.I have been doing scans regularly and do not have any problems,however Spysweeper log states that a file path is missing.Hope you can take a look for me. ******** 19:00: | Start of Session, 05 January 2006 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 596 19:00: Starting Memory Sweep 19:05: Memory Sweep Complete, Elapsed Time: 00:05:26 19:05: Starting Registry Sweep 19:06: Registry Sweep Complete, Elapsed Time:00:00:40 19:06: Starting Cookie Sweep 19:06: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:06: Starting File Sweep 19:08: Warning: Failed to open file "c:\recycler\\dc39\phands.gid". The system cannot find the path specified 19:14: Warning: Failed to open file "c:\recycler\\dc38\ploader.gid". The system cannot find the path specified 19:15: Warning: Failed to open file "c:\recycler\\dc9\menu1.htm". The system cannot find the path specified 19:15: Warning: Failed to open file "c:\recycler\\dc9\menu2.htm". The system cannot find the path specified 19:18: Warning: Failed to open file "c:\recycler\\dc9\aplay.htm". The system cannot find the path specified 19:18: Warning: Failed to open file "c:\recycler\\dc38\html\calendar.htm". The system cannot find the path specified 19:18: Warning: Failed to open file "c:\recycler\\dc38\html\start.htm". The system cannot find the path specified 19:19: Warning: Failed to open file "c:\recycler\\dc17\index.htm". The system cannot find the path specified 19:19: Warning: Failed to open file "c:\recycler\\dc7.htm". The system cannot find the file specified 19:19: Warning: Failed to open file "c:\recycler\\dc9\disp.htm". The system cannot find the path specified 19:19: Warning: Failed to open file "c:\recycler\\dc8.htm". The system cannot find the file specified 19:28: Warning: Failed to open file "c:\recycler\\dc18\index1.js". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc17\preview\thumbs.db". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc12\index1.js". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc11.db". The system cannot find the file specified 19:28: Warning: Failed to open file "c:\recycler\\dc9\data.htm". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc9\index.htm". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc9\index1.js". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc9\next.htm". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc10\thumbs.db". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc14\thumbs.db". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc38\ploader.qv3". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc38\ploader.qv5". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc38\ploader.qv1". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc38\ploader.qv2". The system cannot find the path specified 19:28: Warning: Failed to open file "c:\recycler\\dc38\ploader.qv4". The system cannot find the path specified 19:29: Warning: Invalid Stream 19:29: Warning: File not found 19:30: Warning: File not found 19:30: Warning: Invalid file - not a PKZip file 19:30: File Sweep Complete, Elapsed Time: 00:23:48 19:30: Full Sweep has completed. Elapsed time 00:30:08 19:30: Traces Found: 0 ******** 19:00: | Start of Session, 04 January 2006 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 594 19:00: Starting Memory Sweep 19:06: Memory Sweep Complete, Elapsed Time: 00:06:15 19:06: Starting Registry Sweep 19:06: Registry Sweep Complete, Elapsed Time:00:00:36 19:06: Starting Cookie Sweep 19:06: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:06: Starting File Sweep 19:34: Warning: Invalid Stream 19:34: Warning: Invalid Stream 19:35: File Sweep Complete, Elapsed Time: 00:28:01 19:35: Full Sweep has completed. Elapsed time 00:34:58 19:35: Traces Found: 0 23:04: Processing Startup Alerts 23:04: Allowed Startup entry: SiS Tray 23:42: Your spyware definitions have been updated. 00:28: Processing Startup Alerts 00:28: Allowed Startup entry: hpoddt01.exe.lnk 00:35: Processing Startup Alerts 00:35: Allowed Startup entry: hp psc 1000 series.lnk 00:48: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:48: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:53: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 00:54: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 15:00: Processing Startup Alerts 15:00: Allowed Startup entry: Photo Loader supervisory.lnk 15:18: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET12.TMP". Stream read error 15:18: Warning: Failed to check file "C:\Documents and Settings\Mr Wright\Local Settings\Temp\Set12.tmp". Stream read error 15:18: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET13.TMP". Stream read error 15:19: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET14.TMP". Stream read error 15:21: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET19.TMP". Stream read error 17:44: Processing Startup Alerts 17:44: Allowed Startup entry: Kodak EasyShare software.lnk 17:46: Processing Startup Alerts 17:46: Allowed Startup entry: zccsreg 17:47: Processing Startup Alerts 17:47: Allowed Startup entry: KODAK Software Updater.lnk 19:00: A scheduled sweep will now start. 19:00: | End of Session, 05 January 2006 | ******** 17:18: | Start of Session, 04 January 2006 | 17:18: Spy Sweeper started 17:18: Sweep initiated using definitions version 594 17:18: Starting Memory Sweep 17:18: Sweep Canceled 17:18: Memory Sweep Complete, Elapsed Time: 00:00:11 17:18: Traces Found: 0 18:12: BHO Shield: found: AcroIEHelper.dll-- BHO installation denied at user request 18:13: Processing Startup Alerts 18:13: Allowed Startup entry: Adobe Reader Speed Launch.lnk 19:00: A scheduled sweep will now start. 19:00: | End of Session, 04 January 2006 | ******** 17:18: | Start of Session, 04 January 2006 | 17:18: Spy Sweeper started 17:18: Sweep initiated using definitions version 594 17:18: Starting File Sweep 17:18: File Sweep Complete, Elapsed Time: 00:00:07 17:18: Explorer Sweep has completed. Elapsed time 00:00:07 17:18: Traces Found: 0 17:18: | End of Session, 04 January 2006 | ******** 17:16: | Start of Session, 04 January 2006 | 17:16: Spy Sweeper started 17:16: Sweep initiated using definitions version 594 17:16: Starting File Sweep 17:16: File Sweep Complete, Elapsed Time: 00:00:11 17:16: Explorer Sweep has completed. Elapsed time 00:00:14 17:16: Traces Found: 0 17:18: | End of Session, 04 January 2006 | ******** 19:00: | Start of Session, 03 January 2006 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 594 19:00: Starting Memory Sweep 19:03: Memory Sweep Complete, Elapsed Time: 00:03:50 19:03: Starting Registry Sweep 19:04: Registry Sweep Complete, Elapsed Time:00:00:27 19:04: Starting Cookie Sweep 19:04: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:04: Starting File Sweep 19:28: File Sweep Complete, Elapsed Time: 00:24:00 19:28: Full Sweep has completed. Elapsed time 00:28:21 19:28: Traces Found: 0 20:23: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:23: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:23: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:24: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:24: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:25: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:26: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:41: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 20:43: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:55: Updating spyware definitions 20:55: Your spyware definitions have been updated. 23:37: Ignoring scheduled sweep: wrSpySweeper20051209200239 01:17: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 12:10: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 16:55: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 16:56: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 17:16: | End of Session, 04 January 2006 | ******** 19:00: | Start of Session, 02 January 2006 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 594 19:00: Starting Memory Sweep 19:03: Memory Sweep Complete, Elapsed Time: 00:03:03 19:03: Starting Registry Sweep 19:03: Registry Sweep Complete, Elapsed Time:00:00:15 19:03: Starting Cookie Sweep 19:03: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:03: Starting File Sweep 19:26: Warning: Invalid Stream 19:26: Warning: Invalid Stream 19:27: File Sweep Complete, Elapsed Time: 00:23:38 19:27: Full Sweep has completed. Elapsed time 00:27:03 19:27: Traces Found: 0 22:31: Ignoring scheduled sweep: wrSpySweeper20051209200239 00:05: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:06: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:11: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:13: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:14: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:16: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:16: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:17: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:18: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:22: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:24: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:25: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:26: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:27: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:28: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:29: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:30: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:32: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:33: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:34: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:36: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:37: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:40: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:41: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:43: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 10:44: IE Tracking Cookies Shield: Removed a cookie 19:00: A scheduled sweep will now start. 19:00: | End of Session, 03 January 2006 | ******** 19:00: | Start of Session, 30 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 593 19:00: Starting Memory Sweep 19:07: Memory Sweep Complete, Elapsed Time: 00:07:22 19:07: Starting Registry Sweep 19:08: Registry Sweep Complete, Elapsed Time:00:00:43 19:08: Starting Cookie Sweep 19:08: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:08: Starting File Sweep 19:41: File Sweep Complete, Elapsed Time: 00:33:21 19:41: Full Sweep has completed. Elapsed time 00:41:32 19:41: Traces Found: 0 23:31: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 00:08: Your spyware definitions have been updated. 19:00: A scheduled sweep will now start. 19:00: | End of Session, 02 January 2006 | ******** 19:00: | Start of Session, 29 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 592 19:00: Starting Memory Sweep 19:08: Memory Sweep Complete, Elapsed Time: 00:07:56 19:08: Starting Registry Sweep 19:09: Registry Sweep Complete, Elapsed Time:00:01:05 19:09: Starting Cookie Sweep 19:09: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:09: Starting File Sweep 19:32: File Sweep Complete, Elapsed Time: 00:23:16 19:32: Full Sweep has completed. Elapsed time 00:32:36 19:32: Traces Found: 0 00:07: Your spyware definitions have been updated. 00:16: Processing Startup Alerts 00:16: Allowed Startup entry: QuickTime Task 00:53: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET29.TMP 00:54: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET2C.TMP". Stream read error 00:54: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET2C.TMP". Stream read error 00:54: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET2C.TMP". Stream read error 00:54: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET2C.TMP 00:59: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET2F.TMP". Stream read error 01:01: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET30.TMP". Stream read error 01:10: Processing Startup Alerts 01:10: Removed Startup entry: TkBellExe 12:10: Processing Startup Alerts 12:10: Allowed Startup entry: QuickTime Task 12:11: Processing Startup Alerts 12:11: Allowed Startup entry: NkvMon.exe.lnk 12:48: Processing Startup Alerts 12:48: Allowed Startup entry: iTunesHelper 12:56: Processing Startup Alerts 12:56: Allowed Startup entry: iTunesHelper 12:58: Processing Startup Alerts 12:58: Allowed Startup entry: QuickTime Task 16:55: Processing Startup Alerts 16:55: Allowed Startup entry: Picasa Media Detector 18:43: Processing Startup Alerts 18:43: Removed Startup entry: TkBellExe 19:00: A scheduled sweep will now start. 19:00: | End of Session, 30 December 2005 | ******** 19:00: | Start of Session, 28 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 591 19:00: Starting Memory Sweep 19:04: Memory Sweep Complete, Elapsed Time: 00:04:54 19:04: Starting Registry Sweep 19:05: Registry Sweep Complete, Elapsed Time:00:00:44 19:05: Starting Cookie Sweep 19:05: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:05: Starting File Sweep 19:26: File Sweep Complete, Elapsed Time: 00:21:05 19:26: Full Sweep has completed. Elapsed time 00:26:48 19:26: Traces Found: 0 20:58: IE Tracking Cookies Shield: Removed pricegrabber cookie 21:30: Processing Startup Alerts 21:30: Removed Startup entry: QuickTime Task 23:22: Processing Startup Alerts 23:22: Allowed Startup entry: InstallShieldSetup 00:02: Processing Startup Alerts 00:02: Allowed Startup entry: FotoStation Easy AutoLaunch.lnk 00:06: Your spyware definitions have been updated. 00:09: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET4F.TMP 00:15: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET9D.TMP". Stream read error 00:16: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET9D.TMP". Stream read error 00:16: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET9D.TMP". Stream read error 00:16: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET9D.TMP 00:29: Processing Startup Alerts 00:29: Allowed Startup entry: QuickTime Task 00:30: Processing Startup Alerts 00:30: Allowed Startup entry: NkvMon.exe.lnk 01:39: Processing Startup Alerts 01:39: Allowed Startup entry: FotoStation Easy AutoLaunch.lnk 01:44: Processing Startup Alerts 01:44: Allowed Startup entry: IE 3.0 RegSvr schannel.dll 01:59: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 02:00: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 02:01: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 02:10: Processing Startup Alerts 02:10: Removed Startup entry: TkBellExe 13:10: Processing Startup Alerts 13:10: Allowed Startup entry: a-squared 15:25: Spy Installation Shield is not activated 16:30: Processing Startup Alerts 16:30: Allowed Startup entry: FotoStation Easy AutoLaunch.lnk 16:31: Processing Startup Alerts 16:31: Allowed Startup entry: NkVwMon.exe.lnk 19:00: A scheduled sweep will now start. 19:00: | End of Session, 29 December 2005 | ******** 19:00: | Start of Session, 27 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:06: Memory Sweep Complete, Elapsed Time: 00:06:28 19:06: Starting Registry Sweep 19:06: Registry Sweep Complete, Elapsed Time:00:00:20 19:06: Starting Cookie Sweep 19:06: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:06: Starting File Sweep 19:29: Warning: File not found 19:29: File Sweep Complete, Elapsed Time: 00:22:27 19:29: Full Sweep has completed. Elapsed time 00:29:21 19:29: Traces Found: 0 23:10: IE Tracking Cookies Shield: Removed bizrate cookie 23:11: IE Tracking Cookies Shield: Removed bizrate cookie 23:11: IE Tracking Cookies Shield: Removed bizrate cookie 23:12: IE Tracking Cookies Shield: Removed bizrate cookie 23:12: IE Tracking Cookies Shield: Removed bizrate cookie 23:12: IE Tracking Cookies Shield: Removed bizrate cookie 23:13: IE Tracking Cookies Shield: Removed bizrate cookie 23:13: IE Tracking Cookies Shield: Removed bizrate cookie 00:02: Your spyware definitions have been updated. 14:04: IE Tracking Cookies Shield: Removed tripod cookie 14:04: IE Tracking Cookies Shield: Removed tripod cookie 14:47: IE Tracking Cookies Shield: Removed pricegrabber cookie 15:08: IE Tracking Cookies Shield: Removed bizrate cookie 15:11: IE Tracking Cookies Shield: Removed bizrate cookie 15:11: IE Tracking Cookies Shield: Removed bizrate cookie 19:00: A scheduled sweep will now start. 19:00: | End of Session, 28 December 2005 | ******** 19:00: | Start of Session, 26 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:05: Memory Sweep Complete, Elapsed Time: 00:05:52 19:05: Starting Registry Sweep 19:06: Registry Sweep Complete, Elapsed Time:00:00:56 19:06: Starting Cookie Sweep 19:06: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:06: Starting File Sweep 19:30: File Sweep Complete, Elapsed Time: 00:23:07 19:30: Full Sweep has completed. Elapsed time 00:30:04 19:30: Traces Found: 0 23:31: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 23:34: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:34: Updating spyware definitions 23:34: Your definitions are up to date. 23:34: Updating spyware definitions 23:34: Your definitions are up to date. 23:35: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:35: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:36: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:36: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:36: IE Security Shield: found: C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE -- IE Security modification denied 23:40: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET23.TMP 23:43: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET26.TMP". Stream read error 23:43: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET26.TMP". Stream read error 23:43: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET26.TMP". Stream read error 23:43: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET26.TMP 23:44: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET29.TMP". Stream read error 23:44: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET29.TMP". Stream read error 23:44: Warning: Failed to check file "C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET29.TMP". Stream read error 23:44: Warning: Failed to load image: C:\DOCUME~1\MRWRIG~1\LOCALS~1\TEMP\SET29.TMP 00:01: Updating spyware definitions 00:01: Your definitions are up to date. 00:01: Updating spyware definitions 00:01: Your definitions are up to date. 00:06: Processing Startup Alerts 00:06: Allowed Startup entry: a-squared 12:29: IE Tracking Cookies Shield: Removed dealtime cookie 12:29: IE Tracking Cookies Shield: Removed dealtime cookie 19:00: A scheduled sweep will now start. 19:00: | End of Session, 27 December 2005 | ******** 19:00: | Start of Session, 25 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:04: Memory Sweep Complete, Elapsed Time: 00:04:36 19:04: Starting Registry Sweep 19:05: Registry Sweep Complete, Elapsed Time:00:00:47 19:05: Starting Cookie Sweep 19:05: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:05: Starting File Sweep 19:27: File Sweep Complete, Elapsed Time: 00:22:12 19:27: Full Sweep has completed. Elapsed time 00:27:42 19:27: Traces Found: 0 10:55: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 10:57: IE Tracking Cookies Shield: Removed bizrate cookie 10:57: IE Tracking Cookies Shield: Removed bizrate cookie 11:10: IE Tracking Cookies Shield: Removed a cookie 11:24: IE Tracking Cookies Shield: Removed bizrate cookie 11:25: IE Tracking Cookies Shield: Removed bizrate cookie 11:25: IE Tracking Cookies Shield: Removed bizrate cookie 11:25: IE Tracking Cookies Shield: Removed bizrate cookie 11:37: IE Tracking Cookies Shield: Removed bizrate cookie 11:37: IE Tracking Cookies Shield: Removed bizrate cookie 11:44: IE Tracking Cookies Shield: Removed bizrate cookie 11:44: IE Tracking Cookies Shield: Removed bizrate cookie 11:45: IE Tracking Cookies Shield: Removed bizrate cookie 11:45: IE Tracking Cookies Shield: Removed bizrate cookie 11:46: IE Tracking Cookies Shield: Removed bizrate cookie 14:56: IE Tracking Cookies Shield: Removed co cookie 14:58: IE Tracking Cookies Shield: Removed co cookie 16:26: IE Tracking Cookies Shield: Removed ic-live cookie 16:46: IE Tracking Cookies Shield: Removed nextag cookie 16:46: IE Tracking Cookies Shield: Removed nextag cookie 16:46: IE Tracking Cookies Shield: Removed nextag cookie 16:47: IE Tracking Cookies Shield: Removed nextag cookie 16:47: IE Tracking Cookies Shield: Removed nextag cookie 19:00: A scheduled sweep will now start. 19:00: | End of Session, 26 December 2005 | ******** 19:12: | Start of Session, 24 December 2005 | 19:12: Spy Sweeper started 19:12: Sweep initiated using definitions version 589 19:12: Starting Memory Sweep 19:22: Memory Sweep Complete, Elapsed Time: 00:10:21 19:22: Starting Registry Sweep 19:24: Registry Sweep Complete, Elapsed Time:00:01:38 19:24: Starting Cookie Sweep 19:24: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:24: Starting File Sweep 19:49: File Sweep Complete, Elapsed Time: 00:24:45 19:49: Full Sweep has completed. Elapsed time 00:36:51 19:49: Traces Found: 0 20:45: IE Tracking Cookies Shield: Removed a cookie 21:10: IE Tracking Cookies Shield: Removed versiontracker cookie 21:42: Processing Startup Alerts 21:42: Allowed Startup entry: wextract_cleanup0 21:54: BHO Shield: found: -- BHO installation allowed at user request 21:58: Processing Startup Alerts 21:58: Allowed Startup entry: wextract_cleanup0 22:20: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 09:32: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 15:20: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 19:00: A scheduled sweep will now start. 19:00: | End of Session, 25 December 2005 | ******** 19:00: | Start of Session, 24 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:04: Memory Sweep Complete, Elapsed Time: 00:04:34 19:04: Starting Registry Sweep 19:05: Registry Sweep Complete, Elapsed Time:00:00:42 19:05: Starting Cookie Sweep 19:05: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:05: Starting File Sweep 19:11: Sweep Canceled 19:11: File Sweep Complete, Elapsed Time: 00:06:29 19:11: Traces Found: 0 19:12: | End of Session, 24 December 2005 | ******** 19:00: | Start of Session, 23 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:04: Memory Sweep Complete, Elapsed Time: 00:04:35 19:04: Starting Registry Sweep 19:05: Registry Sweep Complete, Elapsed Time:00:00:32 19:05: Starting Cookie Sweep 19:05: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:05: Starting File Sweep 19:27: File Sweep Complete, Elapsed Time: 00:22:03 19:27: Full Sweep has completed. Elapsed time 00:27:16 19:27: Traces Found: 0 01:30: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 01:35: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 13:56: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 15:54: Processing Startup Alerts 15:54: Removed Startup entry: TkBellExe 15:54: Processing Startup Alerts 15:54: Allowed Startup entry: OpenOffice.org 2.0.lnk 15:54: Processing Internet Explorer Favorites Alerts 15:54: Allowed IE Favorite: MSN Messenger Feedback 16:58: IE Tracking Cookies Shield: Removed a cookie 19:00: A scheduled sweep will now start. 19:00: | End of Session, 24 December 2005 | ******** 19:00: | Start of Session, 22 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 589 19:00: Starting Memory Sweep 19:05: Memory Sweep Complete, Elapsed Time: 00:05:33 19:05: Starting Registry Sweep 19:06: Registry Sweep Complete, Elapsed Time:00:00:32 19:06: Starting Cookie Sweep 19:06: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:06: Starting File Sweep 19:27: File Sweep Complete, Elapsed Time: 00:21:05 19:27: Full Sweep has completed. Elapsed time 00:27:18 19:27: Traces Found: 0 19:27: Full Sweep has completed. Elapsed time 00:27:18 19:27: Traces Found: 0 19:33: IE Tracking Cookies Shield: Removed pricegrabber cookie 19:45: IE Tracking Cookies Shield: Removed pricegrabber cookie 19:51: IE Tracking Cookies Shield: Removed a cookie 20:04: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:05: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 20:25: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 01:02: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 01:35: IE Tracking Cookies Shield: Removed servlet cookie 15:36: Warning: Access is denied 15:43: IE Tracking Cookies Shield: Removed myaffiliateprogram.com cookie 15:49: IE Tracking Cookies Shield: Removed dealtime cookie 15:51: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 15:54: IE Tracking Cookies Shield: Removed bizrate cookie 17:35: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 18:48: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 19:00: A scheduled sweep will now start. 19:00: | End of Session, 23 December 2005 | ******** 19:00: | Start of Session, 21 December 2005 | 19:00: Spy Sweeper started 19:00: Sweep initiated using definitions version 588 19:00: Starting Memory Sweep 19:04: Memory Sweep Complete, Elapsed Time: 00:04:45 19:04: Starting Registry Sweep 19:05: Registry Sweep Complete, Elapsed Time:00:00:36 19:05: Starting Cookie Sweep 19:05: Cookie Sweep Complete, Elapsed Time: 00:00:00 19:05: Starting File Sweep 19:27: File Sweep Complete, Elapsed Time: 00:21:51 19:27: Full Sweep has completed. Elapsed time 00:27:18 19:27: Traces Found: 0 21:33: BHO Shield: found: googletoolbar2.dll-- BHO installation denied at user request 21:44: BHO Shield: found: googletoolbar3.dll-- BHO installation denied at user request 22:41: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 22:44: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 22:45: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 22:47: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 22:48: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 22:48: IE Security Shield: found: C:\PROGRAM FILES\SPYWAREBLASTER\SPYWAREBLASTER.EXE -- IE Security modification denied 08:04: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 08:41: BHO Shield: found: googletoolbar1.dll-- BHO installation denied at user request 08:47: Processing Startup Alerts 08:47: Allowed Startup entry: Index Washer 08:51: BHO Shield: found: googletoolbar2.dll-- BHO installation denied at user request 10:46: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 12:05: Processing Startup Alerts 12:05: Allowed Startup entry: TkBellExe 13:32: Your spyware definitions have been updated. 15:40: IE Security Shield: found: C:\PROGRAM FILES\MSN\MSNINSTALLER\MSNINST.EXE -- IE Security modification allowed at user request 15:40: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 15:41: IE Security Shield: found: C:\PROGRAM FILES\MSN\MSNINSTALLER\MSNINST.EXE -- IE Security modification allowed at user request 15:43: IE Security Shield: found: C:\PROGRAM FILES\MSN\MSNINSTALLER\MSNINST.EXE -- IE Security modification denied 15:44: IE Security Shield: found: C:\PROGRAM FILES\MSN\MSNINSTALLER\MSNINST.EXE -- IE Security modification denied 15:44: IE Security Shield: found: C:\PROGRAM FILES\MSN\MSNINSTALLER\MSNINST.EXE -- IE Security modification denied 16:14: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 16:23: Updating spyware definitions 16:23: Your definitions are up to date. 16:29: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 16:45: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 16:46: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 17:08: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 17:16: Spy Installation Shield is not activated 17:17: Spy Installation Shield is activated 19:00: A scheduled sweep will now start. 19:00: | End of Session, 22 December 2005 | ******** 17:35: | Start of Session, 21 December 2005 | 17:35: Spy Sweeper started 17:35: Sweep initiated using definitions version 588 17:35: Starting Memory Sweep 17:40: Memory Sweep Complete, Elapsed Time: 00:04:30 17:40: Starting Registry Sweep 17:40: Registry Sweep Complete, Elapsed Time:00:00:33 17:40: Starting Cookie Sweep 17:40: Cookie Sweep Complete, Elapsed Time: 00:00:00 17:40: Starting File Sweep 17:49: IE Security Shield: found: C:\PROGRAM FILES\COMMON FILES\AOL\1132916045\EE\AOLSERVICEHOST.EXE -- IE Security modification denied 18:00: File Sweep Complete, Elapsed Time: 00:19:35 18:00: Full Sweep has completed. Elapsed time 00:24:44 18:00: Traces Found: 0 18:14: IE Tracking Cookies Shield: Removed a cookie 18:39: Processing Startup Alerts 18:39: Allowed Startup entry: WebrootDesktopFirewall 18:39: Allowed Startup entry: Index Washer 19:00: A scheduled sweep will now start. 19:00: | End of Session, 21 December 2005 | ******** 17:27: | Start of Session, 21 December 2005 | 17:27: Spy Sweeper started 17:27: Sweep initiated using definitions version 588 17:27: Starting Memory Sweep 17:27: Sweep Canceled 17:27: Memory Sweep Complete, Elapsed Time: 00:00:05 17:27: Traces Found: 0 17:35: A scheduled sweep will now start. 17:35: | End of Session, 21 December 2005 | Thank you so much.
  3. Thanks jwbirdsong have done it all now and you're a star!
  4. Have not done anything about new host file from Funky toad until I hear what you think about the host file that I have just sent you.Also deleted the tempf.txt log. yes everything great now no probs at all thanks for great help.Is there anything else that I need to do?or is that it for now? Also just scanned with Bazooka it now says "nothing detected"hurrah hosts_file_from_tg_s.txt
  5. Have now tried to attach hosts file to you hope it has workedhosts_file_from_tg_s.txt
  6. new Hjt log Logfile of HijackThis v1.99.1 Scan saved at 17:54:58, on 18/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\system32\netdde.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Voyager100Test\fts.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe c:\program files\common files\aol\1132916045\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe C:\Program Files\Webroot\Desktop Firewall\webrootdesktopfirewall.exe C:\Program Files\AOL 9.0a\aoltray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\AOL\Broadband CheckUp\bin\mpbtn.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\System32\wbem\wmiprvse.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\System32\dllhost.exe C:\Program Files\Webroot\Desktop Firewall\WDFDataService.exe C:\Program Files\Webroot\Desktop Firewall\FirewallNTService.exe C:\WINDOWS\System32\msdtc.exe C:\WINDOWS\SYSTEM32\cidaemon.exe C:\Program Files\AOL 9.0a\waol.exe C:\Program Files\AOL 9.0a\shellmon.exe C:\Program Files\Common Files\AOL\aoltpspd.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://news.google.com/news?ned=uk&topic=n R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.google.co.uk O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Voyager100Test\fts.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.0\THGuard.exe" O4 - HKLM\..\Run: [WebrootDesktopFirewall] C:\Program Files\Webroot\Desktop Firewall\webrootdesktopfirewall.exe -t O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0a\aoltray.exe O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O15 - Trusted Zone: http://www.airmiles.co.uk O15 - Trusted Zone: http://www.dance-again.com O15 - Trusted Zone: http://www.highlandradio.com O15 - Trusted Zone: www.jacquielawson.com O15 - Trusted Zone: www.kephyr.com O15 - Trusted Zone: http://www.lloydstsb.com O15 - Trusted Zone: http://www.majorgeeks.com O15 - Trusted Zone: http://www.mcgahanlees.com O15 - Trusted Zone: http://forums.techguy.org O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123330021234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37460.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...581/mcfscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E3C54A89-1743-4916-84FA-1FC52185BD12}: NameServer = 205.188.146.145 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\aol\AOLSPY~1\\aolserv.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Webroot Desktop Firewall Data Service (WebrootDesktopFirewallDataService) - Webroot Software, Inc. - C:\Program Files\Webroot\Desktop Firewall\WDFDataService.exe O23 - Service: Webroot Desktop Firewall (WebrootFirewall) - Unknown owner - C:\Program Files\Webroot\Desktop Firewall\FirewallNTService.exe Have managed to get the hosts file on to notepad but now it has too many characters so is there any other way to send it? Thanks
  7. **************************************** Bazooka Scanner v1.13.03 http://www.kephyr.com/spywarescanner/ http://www.kephyr.com/spywarescanner/library/ support@kephyr.com Log created 20:46:43. OS: Windows NT 5.1 Database version: 3.120000 Database format version: 1.020000 Database date: 20051209 Current date: 2005-12-15 20:46 **************************************** Result when scanning: Exploit Beehappyy.biz 544.734.001 %WinDir%\tempf.txt C:\WINDOWS\tempf.txt http://www.kephyr.com/spywarescanner/libra...biz/index.phtml **************************************** Auto start entries: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe -boot C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini C:\Program Files\Common Files\Filseclab\FilMsg.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe -boot C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini C:\Program Files\Common Files\Filseclab\FilMsg.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Documents and Settings\Mr Wright\Start Menu\Programs\Startup\desktop.ini C:\Program Files\SpywareGuard\sgmain.exe C:\Documents and Settings\Mr Wright\Start Menu\Programs\Startup\desktop.ini C:\Program Files\SpywareGuard\sgmain.exe Go here to analyse the startup entries and the associated files: http://www.kephyr.com/filedb/index.php **************************************** Run entries: AOLDialer C:\Program Files\Common Files\AOL\ACS\AOLDial.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AOLDialer XFILTER "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\XFILTER HPDJ Taskbar Utility C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\HPDJ Taskbar Utility gcasServ "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\gcasServ %FP%Friendly fts.exe "C:\Program Files\Voyager100Test\fts.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\%FP%Friendly fts.exe HostManager C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\HostManager SpySweeper "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SpySweeper THGuard "C:\Program Files\TrojanHunter 4.0\THGuard.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\THGuard Go here to analyse the run entries and the associated files: http://www.kephyr.com/filedb/index.php **************************************** Browser helper objects: {4A368E80-174F-4872-96B5-0B27DDD11DB2} SpywareGuard Download Protection C:\Program Files\SpywareGuard\dlprotect.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2} {53707962-6F74-2D53-2644-206D7942484F} not set C:\PROGRA~1\SPYBOT~1\SDHelper.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} **************************************** Toolbars: {01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} {2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\program files\google\googletoolbar1.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} {0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} {01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383} {0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383} {2318C2B1-4965-11D4-9B18-009027A5CD4F} c:\program files\google\googletoolbar1.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} {4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\System32\shdocvw.dll HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376} {30D02401-6A81-11D0-8274-00C04FD5AE38} C:\WINDOWS\System32\browseui.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38} {32683183-48a0-441b-a342-7c2a440a9478} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{32683183-48a0-441b-a342-7c2a440a9478}\InprocServer32 System error message: The system cannot find the file specified. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} {4D5C8C25-D075-11D0-B416-00C04FB90376} C:\WINDOWS\System32\shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11D0-B416-00C04FB90376} {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\system32\SHELL32.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} {EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E} {EFA24E62-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E} {EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} **************************************** All processes: [system Process] System smss.exe csrss.exe winlogon.exe services.exe lsass.exe svchost.exe svchost.exe svchost.exe svchost.exe spoolsv.exe scardsvr.exe netdde.exe AOLacsd.exe cisvc.exe svchost.exe HPZipm12.exe svchost.exe WRSSSDK.exe explorer.exe AOLDial.exe xfilter.exe hpztsb07.exe gcasServ.exe fts.exe SpySweeper.exe THGuard.exe aoltray.exe FilMsg.exe AOLHostManager.exe gcasDtServ.exe hpohmr08.exe AOLServiceHost.exe dllhost.exe mpbtn.exe wdfmgr.exe hpotdd01.exe vssvc.exe sgmain.exe wmiapsrv.exe AOLSP Scheduler.exe AOLServiceHost.exe dllhost.exe hpoevm08.exe sgbhp.exe wmiprvse.exe msdtc.exe hposts08.exe cidaemon.exe spywarescanner.exe waol.exe shellmon.exe aoltpspd.exe Go here to analyse the running processes: http://www.kephyr.com/filedb/index.php **************************************** Internet Explorer Settings: http://www.google.com/keyword/%s HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\ Default_Page_URL http://www.microsoft.com HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page Start Page http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http:// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\ www http:// HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www http://www.google.com/keyword/%s HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ provider HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider Start Page http://www.google.co.uk HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page Use Search Asst no HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst User Stylesheet HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Styles\User Stylesheet **************************************** This is the Bazooka log the file for hosts does not open as it seems to be reg entries can't get anywhere clicking on it
  8. Can I post you the Bazooka log and see if you can work out where it is saying the virus is please.I would also like you to have a look at the host file for me, but unsure of how to attach it.
  9. sorry about double posting log from panda scan Incident Status Location Adware:adware/secure32 Not desinfected C:\WINDOWS\system32\drivers\etc\hosts
  10. Sorry was away all day yesrerday but I managed to download Trojan Hunter and it found infection in some AOl files and in BT modem drivers I will try and send it to you. {\rtf1\ansi\ansicpg1252\deff0\deflang2057\deflangfe1053{\fonttbl{\f0\fnil\fcharset0 Arial;}{\f1\fswiss\fprq2\fcharset0 Trebuchet MS;}} {\colortbl ;\red255\green0\blue0;} \viewkind4\uc1\pard\b\fs20 Registry scan \par \pard\li200\b0 No suspicious entries found \par \pard\b Inifile scan \par \pard\li200\b0 No suspicious entries found \par \pard\b Port scan \par \pard\li200\b0 No suspicious open ports found \par \pard\b Memory scan \par \pard\li200\b0 No trojans found in memory \par \pard\b File scan \par \pard\li200\cf1\b0 Found trojan file: C:\\Documents and Settings\\All Users\\Application Data\\AOL\\C_AOL 9.0\\ukpppoecswitch11\\Voyager\\Wan_Driver\\USB\\WAN Driver\\DSLDRV\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Documents and Settings\\All Users\\Application Data\\AOL\\C_AOL 9.0\\ukpppoecswitch11\\Voyager100\\drivers\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Documents and Settings\\All Users\\Application Data\\AOL\\C_AOL 9.0\\ukpppoecswitch11\\Voyager100\\drivers98\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Documents and Settings\\Mr Wright\\Desktop\\Unused Desktop Shortcuts\\BT Voyager 100 AND KERRY'S CAMERA.zip/UserDiag.exe (Dialer) \par Found trojan file: C:\\Documents and Settings\\Mr Wright\\Desktop\\Unused Desktop Shortcuts\\BT Voyager 100 AND KERRY'S CAMERA.zip/8RW9O.UserDiag.exe (Dialer) \par \cf0 Error: Directory not found: C:\\Documents and Settings\\Mr Wright\\My Documents\\2005-08-13, killarney map\\0\\all ireland \par \cf1 Found trojan file: C:\\Documents and Settings\\Mr Wright\\My Documents\\BT Voyager 100\\BT Voyager 100\\drivers\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Documents and Settings\\Mr Wright\\My Documents\\BT Voyager 100\\BT Voyager 100\\drivers98\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Program Files\\AOL\\Broadband CheckUp\\vendors\\aoluk\\content\\template\\driven_dev\\BroadBandAsst\\Voyager100\\drivers\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Program Files\\AOL\\Broadband CheckUp\\vendors\\aoluk\\content\\template\\driven_dev\\BroadBandAsst\\Voyager100\\drivers98\\WAN Driver\\dsldrv\\UserDiag.exe (Dialer) \par Found trojan file: C:\\Program Files\\Mil Incorporated\\Mil Shield\\ShieldAgent.exe (TrojanClicker.Adfd.100) \par 10 trojan files found \par \cf0\f1 \par } Do you still wish the Panda scan and Ewido has found nothing.
  11. Thank you for reply Here is the log Logfile of HijackThis v1.99.1 Scan saved at 15:42:10, on 11/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\netdde.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\Filseclab\xfilter\xfilter.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Voyager100Test\fts.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\AOL 9.0a\aoltray.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe C:\Program Files\Common Files\Filseclab\FilMsg.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\AOL\Broadband CheckUp\bin\mpbtn.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe c:\program files\common files\aol\1132916045\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe C:\Program Files\Common Files\AOL\1132916045\ee\AOLServiceHost.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\System32\dllhost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\SYSTEM32\cidaemon.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = www.google.co.uk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [XFILTER] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Voyager100Test\fts.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132916045\ee\AOLHostManager.exe O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0a\aoltray.exe O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe O4 - Global Startup: Filseclab Messenger.lnk = ? O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll O10 - Unknown file in Winsock LSP: c:\program files\filseclab\xfilter\xfilter.dll O15 - Trusted Zone: http://www.airmiles.co.uk O15 - Trusted Zone: http://www.dance-again.com O15 - Trusted Zone: http://www.highlandradio.com O15 - Trusted Zone: www.jacquielawson.com O15 - Trusted Zone: www.kephyr.com O15 - Trusted Zone: http://www.lloydstsb.com O15 - Trusted Zone: http://www.majorgeeks.com O15 - Trusted Zone: http://www.mcgahanlees.com O15 - Trusted Zone: http://forums.techguy.org O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...84/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123330021234 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37460.cab O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,21/mcgdmgr.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...581/mcfscan.cab O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\aol\AOLSPY~1\\aolserv.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe I also have the Bazooka log which I will send if you wish it.Thanks again much appreciated.
  12. Hello I have just joined,I have exploit-beehappyy.biz on my computer found by Bazooka after doing a scan, another type of scanner showed trojan win32.dialer.Ewido and spysweeper haven't found anything bar the odd cookie.I use aol broadband but recently a dialer box comes up asking me to connect to internet using dial up.All very strange,can anyone shed any light on this please as I do not know how to tackle it.Thankyou.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.