Hey ourwilly,
Here's both the HijackThis log and the AVG Anti-Spyware report,
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 6:09:09 PM 3/6/2007
+ Scan result:
:mozilla.179:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.36:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.37:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.38:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.39:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.40:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.10:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.11:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.12:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.13:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.9:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.142:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.143:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.144:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.145:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.146:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.74:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.75:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.76:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.77:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.78:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.178:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.42:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.159:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.177:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.132:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.133:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.41:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Evan Harrington\Cookies\evan_harrington@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.43:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.44:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.48:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.49:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.50:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.51:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.52:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.166:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.167:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.168:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.169:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.170:C:\Documents and Settings\Evan Harrington\Application Data\Mozilla\Firefox\Profiles\mum5dd33.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 6:14:56 PM, on 3/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BullGuard Software\BullGuard\bullguard.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.com
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) -
http://asp.mathxl.co...GenXInstall.cab
O16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} (PearsonAsstX Control) -
http://asp.mathxl.co...InstallAsst.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1151965044906
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) -
http://asp.mathxl.co.../MathPlayer.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Honestly, I have no idea what that Symantec file is since I deleted Norton Antivirus a while ago. It could be the remnants of the Norton folder, but I sincerely doubt that this is the case, since I deleted all the folders and files of Norton. What do you think it is? Do you think it's a virus or possibly malware?
Thanks,
eharri2