Sponsored By

jlmcclure

Winfixer Popups

Recommended Posts

I have been getting porn popups, along with winfixer. I will either get a small error message box, or now a whole browser window is opening. THe first time I ran Norton antivirus, it came up, but could not be deleted. I went to the symantec site to manually delete it, but could not find anything they said would be in the registry. Now when I run Norton, it does not find anything. I've ran AdAware, Spybot, System Mechanic, cleaned all your temp files etc, and now am coming here for help. Thanks!

Lynette

Logfile of HijackThis v1.99.1

Scan saved at 11:02:26 AM, on 12/13/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\SYSTEM32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\LEXBCES.EXE

C:\WINNT\system32\LEXPPS.EXE

C:\WINNT\system32\spoolsv.exe

C:\WINNT\Explorer.EXE

C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Belkin Bulldog Plus\upsd.exe

C:\WINNT\System32\hkcmd.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Lexmark X74-X75\lxbbbmon.exe

C:\Program Files\Lexmark 6200 Series\lxbumon.exe

C:\Program Files\Lexmark 6200 Series\ezprint.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\iolo\System Mechanic 6\SystemGuardAlerter.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\Program Files\AWS\WeatherBug\Weather.exe

C:\Program Files\Plaxo\2.4.1.5\InstallStub.exe

C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe

C:\Program Files\Belkin Bulldog Plus\MUPS.exe

C:\Program Files\Trend Micro\Tmas\Tmas.exe

C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe

C:\WINNT\system32\lxbucoms.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Norton AntiVirus\OPScan.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\3vto8ph1.slt\prefs.js)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINNT\system32\awtst.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - (no file)

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [EPSON Stylus Photo 820 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O6 "USB002" /M "Stylus Photo 820"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINNT\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,[email protected]

O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [systemGuardAlerter] "C:\Program Files\iolo\System Mechanic 6\SystemGuardAlerter.exe"

O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.4.1.5\InstallStub.exe -a

O4 - HKCU\..\Run: [sMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe"

O4 - Startup: Eyetide Launcher.lnk = C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: MUPS.lnk = C:\Program Files\Belkin Bulldog Plus\MUPS.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000

O15 - Trusted Zone: http://www.ivillage.com

O15 - Trusted Zone: http://www.prospero.com

O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/latest/PlaxoInstall.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} - http://a14.g.akamai.net/f/14/7141/1d/www.n...GAPANEL_USA.cab

O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB

O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab

O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.clarkcolor.com/ClarkUpload.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{69132662-0E4E-4C30-9AB4-74FDD8042C30}: NameServer = 209.193.72.2,209.192.68.2

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: awtst - C:\WINNT\system32\awtst.dll

O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE

O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINNT\system32\lxbucoms.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - IntelĀ® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Delta - C:\Program Files\Belkin Bulldog Plus\upsd.exe

Share this post


Link to post
Share on other sites

Please print these instructions out for use in Safe Mode.

Please download VundoFix.exe to your desktop.

  • Double-click VundoFix.exe to extract the files
  • This will create a VundoFix folder on your desktop.
  • After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
  • Once in safe mode open the VundoFix folder and doubleclick on KillVundo.bat
  • You will first be presented with a warning.
    It should look like this
    VundoFix V2.15 by Atri
    By using VundoFix you agree that you are doing so at your own risk
    Press enter to continue....
  • At this point press enter one time.
  • Next you will see:
    Please Type in the filepath as instructed by the forum staff
    and then press enter:
  • At this point please type the following file path (make sure to enter it exactly as below!):
    • C:\WINNT\system32\awtst.dll

    [*]Press Enter to continue with the fix.

    [*] Next you will see:

    Please type in the second filepath as instructed by the forum

    staff then press enter:

    [*]At this point please type the following file path (make sure to enter it exactly as below!):

    • C:\WINNT\system32\tstwa.*

    [*]Press Enter to continue with the fix.

    [*]The fix will run then HijackThis will open, if it does not open automatically please open it manually.

    [*]In HiJackThis, please place a check next to the following items and click FIX CHECKED:

    • R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINNT\system32\awtst.dll
      O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
      O3 - Toolbar: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - (no file)
      O20 - Winlogon Notify: awtst - C:\WINNT\system32\awtst.dll

    [*]After you have fixed these items, close Hijackthis.

    [*]Press enter to exit the program then manually reboot your computer.

    [*]Once your machine reboots please continue with the instructions below.

Download and install CleanUp!

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).

Set the program up as follows:

Click "Options..."

Move the arrow down to "Custom CleanUp!"

Put a check next to the following (Make sure nothing else is checked!):

  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users

Click OK

Press the CleanUp! button to start the program.

It may ask you to reboot at the end, click NO.

Then, please run this online virus scan: ActiveScan

Copy the results of the ActiveScan and paste them here along with a new HiJackThis log and the vundofix.txt file from the vundofix folder into this topic.

Share this post


Link to post
Share on other sites

From Active Scan:

Incident Status Location

Adware:adware/adlogix Not disinfected C:\Program Files\adlcontrolcomp

VundoFix V2.15 by Atri

--------------------------------------------------------------------------------------

Listing files contained in the vundofix folder.

--------------------------------------------------------------------------------------

killvundo.bat

process.exe

ReadMe.txt

vundo.reg

vundofix.txt

--------------------------------------------------------------------------------------

Filepaths entered

--------------------------------------------------------------------------------------

The filepath entered was c:WINNT\system32\awtst.dll

The second filepath entered was c:\WINNT\system32\tstwa.*

--------------------------------------------------------------------------------------

Log from Process

--------------------------------------------------------------------------------------

Killing PID 136 'smss.exe'

Killing PID 772 'explorer.exe'

Killing PID 772 'explorer.exe'

Killing PID 772 'explorer.exe'

Killing PID 212 'winlogon.exe'

Killing PID 212 'winlogon.exe'

--------------------------------------------------------------------------------------

c:WINNT\system32\awtst.dll Deleted sucessfully.

c:\WINNT\system32\tstwa.* Deleted sucessfully.

Fixing Registry

--------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1

Scan saved at 8:04:46 PM, on 12/13/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\SYSTEM32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\LEXBCES.EXE

C:\WINNT\system32\LEXPPS.EXE

C:\WINNT\system32\spoolsv.exe

C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Belkin Bulldog Plus\upsd.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\hkcmd.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Lexmark X74-X75\lxbbbmon.exe

C:\Program Files\Lexmark 6200 Series\lxbumon.exe

C:\Program Files\Lexmark 6200 Series\ezprint.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\AWS\WeatherBug\Weather.exe

C:\Program Files\Plaxo\2.4.1.5\InstallStub.exe

C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\Program Files\Belkin Bulldog Plus\MUPS.exe

C:\Program Files\Trend Micro\Tmas\Tmas.exe

C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe

C:\WINNT\system32\lxbucoms.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\3vto8ph1.slt\prefs.js)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINNT\system32\awtst.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - (no file)

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [EPSON Stylus Photo 820 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O6 "USB002" /M "Stylus Photo 820"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINNT\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,[email protected]

O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [systemGuardAlerter] "C:\Program Files\iolo\System Mechanic 6\SystemGuardAlerter.exe"

O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.4.1.5\InstallStub.exe -a

O4 - HKCU\..\Run: [sMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe"

O4 - Startup: Eyetide Launcher.lnk = C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: MUPS.lnk = C:\Program Files\Belkin Bulldog Plus\MUPS.exe

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000

O15 - Trusted Zone: http://www.ivillage.com

O15 - Trusted Zone: http://www.prospero.com

O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - https://www.plaxo.com/down/latest/PlaxoInstall.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} - http://a14.g.akamai.net/f/14/7141/1d/www.n...GAPANEL_USA.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB

O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab

O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.clarkcolor.com/ClarkUpload.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{69132662-0E4E-4C30-9AB4-74FDD8042C30}: NameServer = 209.193.72.2,209.192.68.2

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: awtst - C:\WINNT\system32\awtst.dll

O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic 6\IoloSGCtrl.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE

O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINNT\system32\lxbucoms.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Intel NCS NetService (NetSvc) - IntelĀ® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Delta - C:\Program Files\Belkin Bulldog Plus\upsd.exe

Thanks!

Share this post


Link to post
Share on other sites

Please download WebRoot SpySweeper from HERE (It's a 2 week trial):

  • Click the Free Trial link under to "SpySweeper" to download the program.
  • Install it. Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Options on the left side.
  • Click the Sweep Options tab.
  • Under What to Sweep please put a check next to the following:

    • Sweep Memory
    • Sweep Registry
    • Sweep Cookies
    • Sweep All User Accounts
    • Enable Direct Disk Sweeping
    • Sweep Contents of Compressed Files
    • Sweep for Rootkits
    • Please UNCHECK Do not Sweep System Restore Folder.

    [*]Click Sweep Now on the left side.

    [*]Click the Start button.

    [*]When it's done scanning, click the Next button.

    [*]Make sure everything has a check next to it, then click the Next button.

    [*]It will remove all of the items found.

    [*]Click Session Log in the upper right corner, copy everything in that window.

    [*]Click the Summary tab and click Finish.

    [*]Paste the contents of the session log you copied into your next reply.

Share this post


Link to post
Share on other sites

********

9:22 AM: | Start of Session, Wednesday, December 14, 2005 |

9:22 AM: Spy Sweeper started

9:22 AM: Sweep initiated using definitions version 584

9:22 AM: Starting Memory Sweep

9:22 AM: Found Adware: virtumonde

9:22 AM: Detected running threat: C:\WINNT\system32\awtst.dll (ID = 77)

9:24 AM: Memory Sweep Complete, Elapsed Time: 00:02:54

9:24 AM: Starting Registry Sweep

9:25 AM: Found Adware: coolsavings

9:25 AM: HKCR\clsid\{11bdb904-c0bc-41ce-910b-0d12fd619fd0}\ (2 subtraces) (ID = 106999)

9:25 AM: HKLM\software\classes\clsid\{11bdb904-c0bc-41ce-910b-0d12fd619fd0}\ (2 subtraces) (ID = 107005)

9:25 AM: Found Trojan Horse: kitten free sex dialer

9:25 AM: HKLM\software\sds software\ (2 subtraces) (ID = 129640)

9:25 AM: HKCR\atldistrib.atldistrib\ (5 subtraces) (ID = 1030533)

9:25 AM: HKCR\atldistrib.atldistrib\clsid\ (1 subtraces) (ID = 1030535)

9:25 AM: HKCR\atldistrib.atldistrib\curver\ (1 subtraces) (ID = 1030537)

9:25 AM: HKCR\atldistrib.atldistrib.1\ (3 subtraces) (ID = 1030539)

9:25 AM: HKCR\atldistrib.atldistrib.1\clsid\ (1 subtraces) (ID = 1030541)

9:25 AM: HKLM\software\classes\atldistrib.atldistrib\ (5 subtraces) (ID = 1030666)

9:25 AM: HKLM\software\classes\atldistrib.atldistrib\clsid\ (1 subtraces) (ID = 1030668)

9:25 AM: HKLM\software\classes\atldistrib.atldistrib\curver\ (1 subtraces) (ID = 1030670)

9:25 AM: HKLM\software\classes\atldistrib.atldistrib.1\ (3 subtraces) (ID = 1030672)

9:25 AM: HKLM\software\classes\atldistrib.atldistrib.1\clsid\ (1 subtraces) (ID = 1030674)

9:25 AM: HKCR\clsid\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (12 subtraces) (ID = 1037004)

9:25 AM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (ID = 1037057)

9:25 AM: HKLM\software\classes\clsid\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (12 subtraces) (ID = 1037059)

9:25 AM: Found Trojan Horse: alwaysupdatednews

9:25 AM: HKU\S-1-5-21-2107301836-2747050126-4071164399-1003\software\aun\ (4 subtraces) (ID = 103544)

9:25 AM: Found Adware: wildmedia

9:25 AM: HKU\S-1-5-21-2107301836-2747050126-4071164399-1003\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)

9:25 AM: Registry Sweep Complete, Elapsed Time:00:00:23

9:25 AM: Starting Cookie Sweep

9:25 AM: Found Spy Cookie: 247realmedia cookie

9:25 AM: [email protected][2].txt (ID = 1953)

9:25 AM: Found Spy Cookie: apmebf cookie

9:25 AM: [email protected][1].txt (ID = 2229)

9:25 AM: Found Spy Cookie: atwola cookie

9:25 AM: [email protected][1].txt (ID = 2255)

9:25 AM: Found Spy Cookie: overture cookie

9:25 AM: [email protected][1].txt (ID = 3106)

9:25 AM: Found Spy Cookie: nextag cookie

9:25 AM: [email protected][1].txt (ID = 5014)

9:25 AM: Found Spy Cookie: partypoker cookie

9:25 AM: [email protected][2].txt (ID = 3111)

9:25 AM: [email protected][1].txt (ID = 3106)

9:25 AM: Found Spy Cookie: questionmarket cookie

9:25 AM: [email protected][1].txt (ID = 3217)

9:25 AM: Cookie Sweep Complete, Elapsed Time: 00:00:00

9:25 AM: Starting File Sweep

9:25 AM: Found Adware: search3 toolbar

9:25 AM: c:\program files\search3 toolbar (5 subtraces) (ID = -2147480360)

9:29 AM: Found Adware: adlogix

9:29 AM: oorjqa.xml (ID = 49162)

9:31 AM: Found Adware: shopathomeselect

9:31 AM: vp.dat (ID = 75980)

9:34 AM: Found Adware: purityscan

9:34 AM: a0076889.exe (ID = 72939)

9:41 AM: Found Adware: bookedspace

9:41 AM: bs5-goodyr1.exe (ID = 51642)

9:42 AM: Found Adware: netratings

9:42 AM: a0089271.dll (ID = 70902)

9:44 AM: adlcontrolcomp.xml (ID = 49219)

9:44 AM: iyzuce.xml (ID = 49219)

9:44 AM: oorjqb.xml (ID = 49280)

9:44 AM: iyzucb.xml (ID = 49280)

9:45 AM: File Sweep Complete, Elapsed Time: 00:19:59

9:45 AM: Full Sweep has completed. Elapsed time 00:23:24

9:45 AM: Traces Found: 98

9:54 AM: Removal process initiated

9:54 AM: Quarantining All Traces: adlogix

9:54 AM: Quarantining All Traces: kitten free sex dialer

9:54 AM: Quarantining All Traces: purityscan

9:54 AM: Quarantining All Traces: virtumonde

9:54 AM: virtumonde is in use. It will be removed on reboot.

9:54 AM: HKLM: software\classes\clsid\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ is in use. It will be removed on reboot.

9:54 AM: C:\WINNT\system32\awtst.dll is in use. It will be removed on reboot.

9:54 AM: Quarantining All Traces: wildmedia

9:54 AM: Quarantining All Traces: alwaysupdatednews

9:54 AM: Quarantining All Traces: bookedspace

9:54 AM: Quarantining All Traces: coolsavings

9:54 AM: Quarantining All Traces: netratings

9:54 AM: Quarantining All Traces: search3 toolbar

9:54 AM: Quarantining All Traces: shopathomeselect

9:54 AM: Quarantining All Traces: 247realmedia cookie

9:54 AM: Quarantining All Traces: apmebf cookie

9:54 AM: Quarantining All Traces: atwola cookie

9:54 AM: Quarantining All Traces: nextag cookie

9:54 AM: Quarantining All Traces: overture cookie

9:54 AM: Quarantining All Traces: partypoker cookie

9:54 AM: Quarantining All Traces: questionmarket cookie

9:54 AM: Warning: Launched explorer.exe

9:54 AM: Warning: Quarantine process could not restart Explorer.

9:57 AM: Removal process completed. Elapsed time 00:02:49

********

8:40 AM: | Start of Session, Wednesday, December 14, 2005 |

8:40 AM: Spy Sweeper started

8:40 AM: Sweep initiated using definitions version 584

8:40 AM: Starting Memory Sweep

8:40 AM: Found Adware: virtumonde

8:40 AM: Detected running threat: C:\WINNT\system32\awtst.dll (ID = 77)

8:43 AM: Memory Sweep Complete, Elapsed Time: 00:03:04

8:43 AM: Starting Registry Sweep

8:43 AM: Found Adware: coolsavings

8:43 AM: HKCR\clsid\{11bdb904-c0bc-41ce-910b-0d12fd619fd0}\ (2 subtraces) (ID = 106999)

8:43 AM: HKLM\software\classes\clsid\{11bdb904-c0bc-41ce-910b-0d12fd619fd0}\ (2 subtraces) (ID = 107005)

8:43 AM: Found Trojan Horse: kitten free sex dialer

8:43 AM: HKLM\software\sds software\ (2 subtraces) (ID = 129640)

8:43 AM: HKCR\atldistrib.atldistrib\ (5 subtraces) (ID = 1030533)

8:43 AM: HKCR\atldistrib.atldistrib\clsid\ (1 subtraces) (ID = 1030535)

8:43 AM: HKCR\atldistrib.atldistrib\curver\ (1 subtraces) (ID = 1030537)

8:43 AM: HKCR\atldistrib.atldistrib.1\ (3 subtraces) (ID = 1030539)

8:43 AM: HKCR\atldistrib.atldistrib.1\clsid\ (1 subtraces) (ID = 1030541)

8:43 AM: HKLM\software\classes\atldistrib.atldistrib\ (5 subtraces) (ID = 1030666)

8:43 AM: HKLM\software\classes\atldistrib.atldistrib\clsid\ (1 subtraces) (ID = 1030668)

8:43 AM: HKLM\software\classes\atldistrib.atldistrib\curver\ (1 subtraces) (ID = 1030670)

8:43 AM: HKLM\software\classes\atldistrib.atldistrib.1\ (3 subtraces) (ID = 1030672)

8:43 AM: HKLM\software\classes\atldistrib.atldistrib.1\clsid\ (1 subtraces) (ID = 1030674)

8:43 AM: HKCR\clsid\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (12 subtraces) (ID = 1037004)

8:43 AM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (ID = 1037057)

8:43 AM: HKLM\software\classes\clsid\{3fe36807-69ed-45d1-b9be-85c0e3f75b6a}\ (12 subtraces) (ID = 1037059)

8:43 AM: Found Trojan Horse: alwaysupdatednews

8:43 AM: HKU\S-1-5-21-2107301836-2747050126-4071164399-1003\software\aun\ (4 subtraces) (ID = 103544)

8:43 AM: Found Adware: wildmedia

8:43 AM: HKU\S-1-5-21-2107301836-2747050126-4071164399-1003\software\microsoft\internet explorer\main\ || updater2 (ID = 146720)

8:43 AM: Registry Sweep Complete, Elapsed Time:00:00:25

8:43 AM: Starting Cookie Sweep

8:43 AM: Found Spy Cookie: 247realmedia cookie

8:43 AM: [email protected][2].txt (ID = 1953)

8:43 AM: Found Spy Cookie: apmebf cookie

8:43 AM: [email protected][1].txt (ID = 2229)

8:43 AM: Found Spy Cookie: atwola cookie

8:43 AM: [email protected][1].txt (ID = 2255)

8:43 AM: Found Spy Cookie: overture cookie

8:43 AM: [email protected][1].txt (ID = 3106)

8:43 AM: Found Spy Cookie: nextag cookie

8:43 AM: [email protected][1].txt (ID = 5014)

8:43 AM: Found Spy Cookie: partypoker cookie

8:43 AM: [email protected][2].txt (ID = 3111)

8:43 AM: [email protected][1].txt (ID = 3106)

8:43 AM: Found Spy Cookie: questionmarket cookie

8:43 AM: [email protected][1].txt (ID = 3217)

8:43 AM: Cookie Sweep Complete, Elapsed Time: 00:00:00

8:43 AM: Starting File Sweep

8:44 AM: Found Adware: search3 toolbar

8:44 AM: c:\program files\search3 toolbar (5 subtraces) (ID = -2147480360)

8:47 AM: Found Adware: adlogix

8:47 AM: oorjqa.xml (ID = 49162)

8:50 AM: Found Adware: shopathomeselect

8:50 AM: vp.dat (ID = 75980)

8:54 AM: Found Adware: purityscan

8:54 AM: a0076889.exe (ID = 72939)

9:03 AM: Found Adware: bookedspace

9:03 AM: bs5-goodyr1.exe (ID = 51642)

9:04 AM: Found Adware: netratings

9:04 AM: a0089271.dll (ID = 70902)

9:07 AM: adlcontrolcomp.xml (ID = 49219)

9:07 AM: iyzuce.xml (ID = 49219)

9:07 AM: oorjqb.xml (ID = 49280)

9:07 AM: iyzucb.xml (ID = 49280)

9:07 AM: Warning: Unhandled Archive Type

9:07 AM: Warning: Unhandled Archive Type

9:07 AM: Warning: Unhandled Archive Type

9:07 AM: Warning: Unhandled Archive Type

9:07 AM: Warning: Unhandled Archive Type

9:07 AM: Warning: Invalid Stream

9:07 AM: Warning: Unhandled Archive Type

9:08 AM: Warning: Unhandled Archive Type

9:08 AM: File Sweep Complete, Elapsed Time: 00:24:24

9:08 AM: Full Sweep has completed. Elapsed time 00:28:02

9:08 AM: Traces Found: 98

9:21 AM: Your spyware definitions have been updated.

9:22 AM: | End of Session, Wednesday, December 14, 2005 |

********

8:38 AM: | Start of Session, Wednesday, December 14, 2005 |

8:38 AM: Spy Sweeper started

8:39 AM: Your spyware definitions have been updated.

8:40 AM: | End of Session, Wednesday, December 14, 2005 |

Share this post


Link to post
Share on other sites

Inactive topic...

If you still need help on this problem, contact me or one of the Moderators to re-open this up.

Topic closed.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.