| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 69889 | 2006-06-15 12:25:00 | Doh! Spyware quake again ..... Help Please | mi2dear (10556) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 463378 | 2006-06-16 13:33:00 | I dont think they are serious but if you get chance can you post the Spyware Doctor scan.Im sure they are just in the restore or quarantine files.Also Download the trial version of Ewido Security Suite (www.ewido.net) When installing, under "Additional Options" uncheck "Install Background Guard" and "Install scan via context menu". Launch Ewido Security Suite (there should be an icon on your desktop doubleclick it). The program will now go to the main screen. You will need to update ewido to the latest definition files. On the left hand side of the main screen click update and then click on Start Update. The update will start and a progress bar will show the updates being installed. If you have problems with the updater, you can use this link to manually update ewido. www.ewido.net Do not run a scan yet. When you have done this, boot into Safe Mode (restart your PC and keep tapping F8 while it restarts). Run Ewido Security Suite now. Click on Scanner and click Complete System Scan and the scan will begin. During the scan it will prompt you to clean files, click OK. When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK. When the scan is finished, click the Save report button at the bottom of the screen. Save the report to your desktop and close Ewido Security Suite.Please post its log here. |
Pancake (6359) | ||
| 463379 | 2006-06-17 10:15:00 | hi here is the log for spyware doctor Scan Results: scan start: 17/06/2006 6:35:04 PM scan stop: 17/06/2006 6:36:08 PM scanned items: 1587 found items: 0 found and ignored: 0 tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner Infection Name Location Risk Scan Results: scan start: 17/06/2006 6:36:19 PM scan stop: 17/06/2006 6:54:49 PM scanned items: 125799 found items: 204 found and ignored: 0 tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner Infection Name Location Risk Advertising C:\Documents and Settings\Owner\Cookies\owner@adlegend[1].txt Low Advertising C:\Documents and Settings\Owner\Cookies\owner@adopt.hbmediapro[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[1].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@ct.360i[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@experts-exchange[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@geekstogo[1].txt Low Comet Cursor C:\Documents and Settings\Owner\Cookies\owner@i.screensavers[1].txt Low SpywareNo C:\Documents and Settings\Owner\Cookies\owner@www.pesttrap[1].txt High Comet Cursor C:\Documents and Settings\Owner\Cookies\owner@www.screensavers[2].txt Low Affiliated with Browser Hijackers C:\Documents and Settings\Owner\Favorites\surf's up - miniclip.url Elevated Affiliated with Browser Hijackers C:\Documents and Settings\Owner\Favorites\wakeboarding xs - miniclip.com.url Elevated Comet Cursor C:\Documents and Settings\Owner\My Documents\screensaver\sinstaller.exe Low Trojan.Dluca C:\WINDOWS\system32\sncntr.exe High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl## High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl\CLSID High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl\CLSID## High SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4} Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29} Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F} Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8} Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2} Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9} Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9} Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5} Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16} Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A} Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B} Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E} Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D} Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA} Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81} Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4} Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib##Version Elevated Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl## High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl\CLSID High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl\CLSID## High SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD} Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0\win32 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0\win32## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\FLAGS Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\FLAGS## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\HELPDIR Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\HELPDIR## Elevated 2020search.com HKCU\Software\Dynamic Toolbar High 2020search.com HKCU\Software\Dynamic Toolbar## High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR## High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##BarID High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##BitmapVersion High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##LastConfigDown High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##LastLeft High HotVideo_in HKCU\Software\GSoft Medium HotVideo_in HKCU\Software\GSoft## Medium Common Components Unrelated HKCU\Software\Program Info Medium Common Components Unrelated HKCU\Software\Program Info## Medium Common Components Unrelated HKCU\Software\Program Info##ClientID Medium Trojan.Dluca HKCU\Software\sncntr High Trojan.Dluca HKCU\Software\sncntr## High Trojan.Dluca HKCU\Software\sncntr##DocID High Trojan.Dluca HKCU\Software\sncntr##DocTime High Trojan.Dluca HKCU\Software\sncntr##GetInfoRetryCounter High Trojan.Dluca HKCU\Software\sncntr##Info High Trojan.Dluca HKCU\Software\sncntr##LastWNK High Trojan.Downloader.Zlob.GEN HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ecodec.exe High Trojan.Downloader.Zlob.GEN HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ecodec.exe## High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr## High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##DisplayIcon High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##DisplayName High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##UninstallString High Scan Results: scan start: 17/06/2006 7:00:00 PM scan stop: 17/06/2006 7:18:10 PM scanned items: 90219 found items: 204 found and ignored: 0 tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Hosts Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner Infection Name Location Risk Advertising C:\Documents and Settings\Owner\Cookies\owner@adlegend[1].txt Low Advertising C:\Documents and Settings\Owner\Cookies\owner@adopt.hbmediapro[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@cgi-bin[1].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@ct.360i[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@experts-exchange[2].txt Low Tracking Cookie(s) C:\Documents and Settings\Owner\Cookies\owner@geekstogo[1].txt Low Comet Cursor C:\Documents and Settings\Owner\Cookies\owner@i.screensavers[1].txt Low SpywareNo C:\Documents and Settings\Owner\Cookies\owner@www.pesttrap[1].txt Low Comet Cursor C:\Documents and Settings\Owner\Cookies\owner@www.screensavers[2].txt Low Affiliated with Browser Hijackers C:\Documents and Settings\Owner\Favorites\surf's up - miniclip.url Elevated Affiliated with Browser Hijackers C:\Documents and Settings\Owner\Favorites\wakeboarding xs - miniclip.com.url Elevated Comet Cursor C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\screensaver\sinstaller.exe Low Trojan.Dluca C:\WINDOWS\system32\sncntr.exe High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl## High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl\CLSID High Trojan.Downloader.Zlob.GEN HKCR\EMediaCodec.Chl\CLSID## High SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4} Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib## Elevated SpywareQuake HKCR\Interface\{165E8C46-D58D-4A82-8A8B-5A16237715D4}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29} Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib## Elevated SpywareQuake HKCR\Interface\{350CF545-DD5A-4807-B02A-FA1B41339B29}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F} Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib## Elevated SpywareQuake HKCR\Interface\{4193BF7B-0C6C-4C23-B295-20F72F97938F}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8} Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib## Elevated SpywareQuake HKCR\Interface\{4201428F-7885-4513-B98E-BF6557375CF8}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2} Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib## Elevated SpywareQuake HKCR\Interface\{7227E56F-8FE9-4FF6-8BBF-537DE39450E2}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9} Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib## Elevated SpywareQuake HKCR\Interface\{7BB9E6B0-96B6-41A6-B01E-363DCEC652C9}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9} Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib## Elevated SpywareQuake HKCR\Interface\{835A4DA1-778A-426B-AF73-6A4C5E11B8B9}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5} Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib## Elevated SpywareQuake HKCR\Interface\{886903CE-0C3B-485C-8F90-582EC1D1CFA5}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16} Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib## Elevated SpywareQuake HKCR\Interface\{9ADDE7B5-93BB-46C9-AB5C-D975B7D32A16}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A} Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib## Elevated SpywareQuake HKCR\Interface\{A76556B1-6E37-49F3-8815-595F05A5B37A}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B} Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib## Elevated SpywareQuake HKCR\Interface\{A8D2DCEA-D78E-486B-B43C-E2AF008E782B}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E} Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib## Elevated SpywareQuake HKCR\Interface\{B44C56FD-31E9-4FAE-A4DE-60EDE0F32B9E}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D} Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib## Elevated SpywareQuake HKCR\Interface\{CE557B85-753F-489E-B0CF-C90E0158371D}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA} Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib## Elevated SpywareQuake HKCR\Interface\{D198915A-8DBC-43FA-943A-D0E68F2275FA}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81} Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib## Elevated SpywareQuake HKCR\Interface\{D9E510C8-1BA8-4A3F-A06C-97286D11BF81}\TypeLib##Version Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4} Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid32 Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\ProxyStubClsid32## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib## Elevated SpywareQuake HKCR\Interface\{EDC18412-24FD-43C7-8B38-5E67EDB57DB4}\TypeLib##Version Elevated Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl## High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl\CLSID High Trojan.Downloader.Zlob.GEN HKCR\Media-Codec.Chl\CLSID## High SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD} Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0\win32 Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\0\win32## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\FLAGS Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\FLAGS## Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\HELPDIR Elevated SpywareQuake HKCR\TypeLib\{5CB9686D-CC21-4927-B904-D91D4479F4BD}\1.0\HELPDIR## Elevated 2020search.com HKCU\Software\Dynamic Toolbar High 2020search.com HKCU\Software\Dynamic Toolbar## High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR## High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##BarID High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##BitmapVersion High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##LastConfigDown High 2020search.com HKCU\Software\Dynamic Toolbar\REALBAR##LastLeft High HotVideo_in HKCU\Software\GSoft Medium HotVideo_in HKCU\Software\GSoft## Medium Common Components Unrelated HKCU\Software\Program Info Medium Common Components Unrelated HKCU\Software\Program Info## Medium Common Components Unrelated HKCU\Software\Program Info##ClientID Medium Trojan.Dluca HKCU\Software\sncntr High Trojan.Dluca HKCU\Software\sncntr## High Trojan.Dluca HKCU\Software\sncntr##DocID High Trojan.Dluca HKCU\Software\sncntr##DocTime High Trojan.Dluca HKCU\Software\sncntr##GetInfoRetryCounter High Trojan.Dluca HKCU\Software\sncntr##Info High Trojan.Dluca HKCU\Software\sncntr##LastWNK High Trojan.Downloader.Zlob.GEN HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ecodec.exe High Trojan.Downloader.Zlob.GEN HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ecodec.exe## High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr## High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##DisplayIcon High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##DisplayName High Trojan.Dluca HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\sncntr##UninstallString High log for ewido --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 5:46:09 PM, 17/06/2006 + Report-Checksum: 3B22F797 + Scan result: HKLM\SOFTWARE\GMSoft -> Dialer.Generic : Cleaned with backup HKLM\SOFTWARE\GMSoft\Dialers -> Dialer.Generic : Cleaned with backup HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Even ts\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Cleaned with backup HKU\S-1-5-21-1359937993-2584481472-1090776897-1003\Software\GMSoft -> Dialer.Generic : Cleaned with backup HKU\S-1-5-21-1359937993-2584481472-1090776897-1003\Software\GMSoft\Dialers -> Dialer.Generic : Cleaned with backup :mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\Default User\2cxsq7ke.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@c5.zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL -> Not-A-Virus.Downloader.Win32.FunWeb : Cleaned with backup C:\Program Files\Media-Codec -> Trojan.Small : Cleaned with backup C:\Program Files\Media-Codec\uninst.exe -> Trojan.Small : Cleaned with backup ::Report End Please advise |
mi2dear (10556) | ||
| 463380 | 2006-06-17 11:00:00 | Things are looking ok...Can you now post a new HJT log please and let me know if your are still having any problems. | Pancake (6359) | ||
| 463381 | 2006-06-17 11:49:00 | Hi Pancake Here is the HJT log...... Logfile of HijackThis v1.99.1 Scan saved at 10:45:46 PM, on 17/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\System32\hkcmd.exe C:\Windows\system32\HpSrvUI.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 5.exe c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Spyware Doctor\swdoctor.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Opera7\opera.exe C:\Program Files\HijackThis 1.99.1\HijackThis.exe N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\4rq13khl.slt\prefs.j s) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: Cash4Action Bar - {AFDF828B-490E-43c4-A92C-BCC6D482C770} - C:\Program Files\Internet Explorer\PLUGINS\cash4action.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [hp Silent Service] C:\Windows\system32\HpSrvUI.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 5.exe O4 - HKLM\..\Run: [ScanRegistry] C:\W O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll O9 - Extra button: Cash4Action Bar - {8584F7F8-479C-4c78-9AC1-EEB18D89A8CA} - C:\Program Files\Internet Explorer\PLUGINS\cash4action.dll O9 - Extra 'Tools' menuitem: Cash4Action Bar - {8584F7F8-479C-4c78-9AC1-EEB18D89A8CA} - C:\Program Files\Internet Explorer\PLUGINS\cash4action.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://*.windowsupdate.microsoft.com O15 - Trusted Zone: http://*.windowsupdate.com O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - imgfarm.com O17 - HKLM\System\CCS\Services\Tcpip\..\{FD31B142-F27B-45D6-8E38-7DEE5B45AA7D}: NameServer = 210.55.12.1 210.55.12.2 O18 - Protocol: bw+0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {498B875F-FC08-4E39-B5E0-B5EAE6986E24} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Is this looking any good........ |
mi2dear (10556) | ||
| 463382 | 2006-06-17 12:32:00 | That looks fine.I done see any problems there now... | Pancake (6359) | ||
| 463383 | 2006-06-18 11:30:00 | Thanks mate. Your help is much appreciated. I can heave a sigh of relief now................ | mi2dear (10556) | ||
| 463384 | 2006-06-18 12:15:00 | Glad to help. | Pancake (6359) | ||
| 463385 | 2006-06-20 01:02:00 | Unfortunately, due to a lapse in concentration, I inadvertently OK'd a Zone Alarm Pro message and let Spyware Quake into my system. Once I realised my error I ran a full virus check, using my anti virus (e-Trust) and anti spyware (Counter Spy). This seems to have effectively removed the software. But, the system tray still shows the Spyquake icon, and its message pops up every few minutes or so. As long as I ignore it, nothing bad happens, but I would like to get this item off the system tray. Any ideas on how to do this? With regards, and appreciation Noel |
noelevans (10557) | ||
| 463386 | 2006-06-20 01:26:00 | Run the Smitfix in post #3 and follow all those instuctions again... | Pancake (6359) | ||
| 463387 | 2006-06-23 08:51:00 | Hi Pancake, Can I remove smitfraud smitex from my PC. My PC has gone dead slow |
mi2dear (10556) | ||
| 1 2 3 4 | |||||