Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

msnupdate!@#@.exe

Status
Not open for further replies.
supertech2000

supertech2000

Technical User
Nov 12, 2003
84
US
When my MSN Premium web browser closes, I get an error message from Vista that says this unidentified program is trying to run. I tell it "no", don't run and everything is fine. Until I close my browser next time. Here is my HijackThis log file. Can anyone help?

Logfile of HijackThis v1.99.1
Scan saved at 6:21:34 AM, on 6/8/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Sierra\Planner\PLNRnote.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
 
Sort by date Sort by votes
i'm not sure if these programs will run with Vista, but you can try!





Download AVG Anti-Spyware



* Once you have downloaded AVG Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
* Once the setup is complete you will need run AVG and update the definition files.
* On the main screen select the icon "Update" then select the "Update now" link.
* Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
* Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
* Once in the Settings screen click on "Recommended actions" and then select "Delete"
* Under "Reports"
* Select "Automatically generate report after every scan"
* Un-Select "Only if threats were found"


Close AVG Anti-Spyware. Anti-spyware, Do NOT run a scan yet. We will do that later in safe mode.






* Click here to download ATF Cleaner by Atribune and save it to your desktop.



* Double-click ATF-Cleaner.exe to run the program.
* Under Main choose: Select All
* Click the Empty Selected button.
o If you use Firefox:
+ Click Firefox at the top and choose: Select All
+ Click the Empty Selected button.
+ NOTE: If you would like to keep your saved passwords, please click No at the prompt.
o If you use Opera:
+ Click Opera at the top and choose: Select All
+ Click the Empty Selected button.
+ NOTE: If you would like to keep your saved passwords, please click No at the prompt.
* Click Exit on the Main menu to close the program.


* Click here for info on how to boot to safe mode if you don't already know
how.




* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in
safe mode:






Run AVG Anti-Spyware!

# IMPORTANT: Do not open any other windows or programs while AVG is scanning as it may interfere with the scanning process:
# Launch AVG Anti-spyware by double-clicking the icon on your desktop.
# Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
# AVG will now begin the scanning process. Be patient this may take a little time.
Once the scan is complete do the following:
# If you have any infections you will prompted, then select "Apply all actions"
# Next select the "Reports" icon at the top.
# Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
# Close AVG and reboot your system back into Normal Mode.


Note: this is a stand alone, it doesn't install to start/programmes.

Download Mwav,



double click on it and it will extract to C:\kaspersky. Click
on the kaspersky folder and click on Kavupd, a black dos window will open
and it will update the programme for you, be patient it will take 5-10
minutes to download the new definitions. Once it's updated, click on mwavscan
to launch the programme.

Use the defaults of:

Memory
startup folders
Registry
system folders
services

Choose drive , all drives and, click scan all files
and then click scan/clean. After it finishes scanning and cleaning post
the log here with a new hijack this log.

Note: this is a very thorough scanner, it might take anything up to an hour
or more, depending on how many drives you have and how badly infected your
pc is.



Highlight the portion of the scan that lists infected items and hold
CTRL + C to Copy then paste it here. The whole log with be extremely
big so there is no way to copy the whole thing. I just need the
infected items list.



Post a new hijack this, the Mwav scan log and the AVg antispware log!






Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 
Upvote 0 Downvote
mwav wouldn't run in vista, but here are the hijackthis and avg results.

Logfile of HijackThis v1.99.1
Scan saved at 6:13:05 PM, on 6/9/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Sierra\Planner\PLNRnote.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\explorer.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{B69D40A4-F940-4A0B-96AA-910BA5511895}
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:15:42 AM 6/9/2007

+ Scan result:



C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@semdirector.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@www.adobe[2].txt -> TrackingCookie.Adobe : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@ads.cnn[1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@www.dealtime[2].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@sales.liveperson[3].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@sales.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@site.skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@skype[2].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@toplist[1].txt -> TrackingCookie.Toplist : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Users\Dad and Mom\Cookies\dad_and_mom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Dad and Mom\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Users\Dad and Mom\AppData\Roaming\Microsoft\Windows\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Users\Dad and Mom\Application Data\Microsoft\Windows\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Users\Dad and Mom\Cookies\Low\dad_and_mom@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Cleaned.


::Report end
 
Upvote 0 Downvote
have hijack this fix these entries. close all browsers and programmes before
clicking FIX.



R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =


Try these and see what ones work, the kaspersky one should and post their logs.



Run an online antivirus check from


then run kaspersky online again BUT this time before you scan select scan
options and select EXTENDED BASES




Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 
Upvote 0 Downvote
Kaspersky found nothing. I told Hijackthis to "fix" your suggestions and only removed one. here is a new log.

Logfile of HijackThis v1.99.1
Scan saved at 6:03:22 PM, on 6/11/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Sierra\Planner\PLNRnote.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{B69D40A4-F940-4A0B-96AA-910BA5511895}
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

amanua
  • Locked
  • Question
vpn7x32.exe in program files folder
Replies
5
Views
191
goombawaho
goombawaho
Bluejay07
  • Locked
  • Question
Virus removal and blocking exe files
Replies
4
Views
121
Bluejay07
Bluejay07
jwaffe
  • Locked
  • Question
Automatically deleting .exe s on a system running NIS 2010
Replies
0
Views
83
jwaffe
jwaffe
1DMF
  • Locked
  • Question
How do drive by virus arbitarily execute code on my machine? 3
Replies
14
Views
232
thefarg
thefarg
Iam2391212
  • Locked
  • Question
Win 7 AnitVirus 2012 removal ( .exe's and .com's wont open)
Replies
8
Views
129
Iam2391212
Iam2391212

Part and Inventory Search

Sponsor

Back
Top