Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Hijackthis Log....help...please

Started by rambo , Jun 17 2007 07:39 PM

  • This topic is locked This topic is locked
8 replies to this topic

#1 rambo

rambo

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 17 June 2007 - 07:39 PM

Logfile of HijackThis v1.99.1
Scan saved at 6:38:40 PM, on 6/17/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WeirdOnTheWeb\WeirdOnTheWeb.exe
C:\WINDOWS\System32\msxct.exe
C:\WINDOWS\System32\lls7mbil.exe
C:\WINDOWS\System32\msupdate32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\rtucg.exe
C:\Program Files\SurfAccuracy\SAcc.exe
C:\WINDOWS\System32\Qjammy.exe
C:\WINDOWS\System32\Qhkyrv.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\WINDOWS\System32\system12.exe
C:\WINDOWS\System32\winservices.exe
C:\WINDOWS\System32\ip2ph.exe
C:\WINDOWS\System32\msvc.exe
C:\WINDOWS\System32\mshelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wmninit.exe
C:\Program Files\Aprps\CxtPls.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\smsc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\UPD\bkuovetxsg.exe
C:\WINDOWS\dumpreg.exe
C:\Documents and Settings\Owner\Desktop\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\System32\awtsr.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\Aprps\cxtpls.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {77EE46A5-00DA-C424-7EA5-4863287BC4B4} - C:\WINDOWS\System32\UPD\bkuovetxsg.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - C:\Program Files\ISTbar\istbarcm.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [eTunnel] C:\sss.exe
O4 - HKLM\..\Run: [WeirdOnTheWeb] "C:\Program Files\WeirdOnTheWeb\WeirdOnTheWeb.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [lls7mbil] C:\WINDOWS\System32\lls7mbil.exe
O4 - HKLM\..\Run: [Services] C:\WINDOWS\system32\1.tmp
O4 - HKLM\..\Run: [microsft Updates] msupdate32.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [GNpBxVPoT] C:\WINDOWS\rtucg.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\Qjammy.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\System32\Qhkyrv.exe
O4 - HKLM\..\Run: [GNpBxV÷h$vùõš/‚²ÆC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\rtucg.exe
O4 - HKLM\..\Run: [Microsoft Windows 128bit Subsystem] C:\WINDOWS\System32\system12.exe
O4 - HKLM\..\Run: [AutoLoaderqsvM1OIfaKXL] "C:\WINDOWS\System32\wmvclip.exe"
O4 - HKLM\..\Run: [qF4i34V] wmvclip.exe
O4 - HKLM\..\Run: [MS-patch333] winservices.exe
O4 - HKLM\..\Run: [newms] ip2ph.exe
O4 - HKLM\..\Run: [winnsvc] msvc.exe
O4 - HKLM\..\Run: [winns] mshelper.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [microsft Updates] msupdate32.exe
O4 - HKLM\..\RunServices: [MS-patch333] winservices.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [bovsRQZtl] wmninit.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A918E90-B962-4BA5-8620-76E91CC5BBEB}: NameServer = 205.152.132.23 205.152.144.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A918E90-B962-4BA5-8620-76E91CC5BBEB}: NameServer = 205.152.132.23 205.152.144.23
O20 - Winlogon Notify: awtsr - C:\WINDOWS\SYSTEM32\awtsr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe
O23 - Service: Hardware Clock Driver (hwclock) - Unknown owner - C:\WINDOWS\System32\hwclock.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Workstation Service Library (Microsoft Locator Service) - Unknown owner - C:\WINDOWS\wkssvc.exe
O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

THANKS

    Advertisements

Register to Remove

#2 miekiemoes

miekiemoes

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 514 posts

Posted 18 June 2007 - 03:12 AM

Hi,

Your system is terribly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.
Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.
So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts.

You REALLY have to change your surfing habits, because it looks like you just click OK on everything.

Actually this doesn't suprise me at all, because I notice that you do not seem to be running Antivirus software. This is somewhat suicidal in today's digital world.
That's why I want you to install one first!!

Avira, AVG OR Active Virus Shield (uncheck the Security Toolbar during install) are good FREE antivirus.


Reboot your computer afterwards.
After reboot,

* Go to start > controlpanel > software > Add or Remove Programs and uninstall next if present:

SideFind
SurfAccuracy
ISTsvc
ISTbar
BullsEye Network
WeirdOnTheWeb
Apropos
UCmore XP

Reboot once again!

Perform a full scan with your Antivirus and let it remove anything it is finding. Then reboot once again in order to delete files that were in use previously.

Also, I see you never scanned with an Antispyware scanner either.
Download and install Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when its finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • It could be possible that it will ask you to reboot your computer in order to delete some files after reboot.
  • I'll need a log afterwards of what has been found.
  • To get the log, Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Post the contents of the log in your next reply together with a new HijackThislog in your next reply - then we'll start from there, because it really makes no sense otherwise that we clean this up manually if an Antivirusscan is not present which should be able to deal with most and prevent further reinfection.

Edited by miekiemoes, 18 June 2007 - 03:14 AM.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow

#3 rambo

rambo

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 18 June 2007 - 03:57 PM

Hey,

BullsEye Network would not uninstall-------NSIS Error

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/18/2007 at 02:37 PM

Application Version : 3.8.1002

Core Rules Database Version : 3256
Trace Rules Database Version: 1267

Scan type : Complete Scan
Total Scan Time : 00:11:12

Memory items scanned : 300
Memory threats detected : 0
Registry items scanned : 3554
Registry threats detected : 81
File items scanned : 13704
File threats detected : 133

Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}
HKCR\CLSID\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}
HKCR\CLSID\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}\InprocServer32
HKCR\CLSID\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\AWTSR.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}
HKCR\CLSID\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441}

Adware.Apropos Media/CxtPls
HKLM\Software\Classes\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}
HKCR\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}
HKCR\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}\InprocServer32
HKCR\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\APRPS\CXTPLS.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}
HKCR\CLSID\{016235BE-59D4-4CEB-ADD5-E2378282A1D9}

Adware.IST/SideFind
HKLM\Software\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
HKU\S-1-5-21-1659004503-1715567821-839522115-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
HKCR\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}
HKCR\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}\Implemented Categories
C:\Program Files\SideFind

ADP UrlCatcher Class BHO
HKLM\Software\Classes\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\InprocServer32
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\InprocServer32#ThreadingModel
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\ProgID
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\Programmable
HKCR\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\VersionIndependentProgID
C:\WINDOWS\SYSTEM32\MSBE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}

Adware.IST/ISTBar (Slotch Bar)
HKLM\Software\Classes\CLSID\{FAA356E4-D317-42a6-AB41-A3021C6E7D52}
HKCR\CLSID\{FAA356E4-D317-42A6-AB41-A3021C6E7D52}
HKCR\CLSID\{FAA356E4-D317-42A6-AB41-A3021C6E7D52}
HKCR\CLSID\{FAA356E4-D317-42A6-AB41-A3021C6E7D52}\InprocServer32
HKCR\CLSID\{FAA356E4-D317-42A6-AB41-A3021C6E7D52}\InprocServer32#ThreadingModel
HKCR\CLSID\{FAA356E4-D317-42A6-AB41-A3021C6E7D52}\ProgID
C:\PROGRAM FILES\ISTBAR\ISTBARCM.DLL
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{FAA356E4-D317-42a6-AB41-A3021C6E7D52}
HKCR\ISTbar.BarObj
HKCR\ISTbar.BarObj\CLSID
HKU\.DEFAULT\Software\IST
HKU\S-1-5-21-1659004503-1715567821-839522115-1003\Software\IST
HKU\S-1-5-18\Software\IST
C:\Program Files\ISTBar
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ]
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Adware.UCMore/The Search Accelerator
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar#{44BE0690-5429-47f0-85BB-3FFD8020233E}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar#{44BE0690-5429-47f0-85BB-3FFD8020233E}
HKU\.DEFAULT\Software\Effective-i
HKU\S-1-5-18\Software\Effective-i
HKU\.DEFAULT\Software\Maxthon\Plugin\toolbar\{44BE0690-5429-47f0-85BB-3FFD8020233E}
HKU\S-1-5-18\Software\Maxthon\Plugin\toolbar\{44BE0690-5429-47f0-85BB-3FFD8020233E}

Browser Hijacker.Internet Explorer Zone Hijack
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#http
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net\ny#https

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@windowsmedia[1].txt
C:\Documents and Settings\Owner\Cookies\owner@www.winfixer[1].txt
C:\Documents and Settings\Owner\Cookies\owner@pacificpoker[1].txt
C:\Documents and Settings\Owner\Cookies\owner@a.websponsors[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.hbmediapro[2].txt
C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt
C:\Documents and Settings\Owner\Cookies\owner@roiservice[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adprofile[2].txt
C:\Documents and Settings\Owner\Cookies\owner@azjmp[2].txt
C:\Documents and Settings\Owner\Cookies\owner@server.cpmstar[2].txt
C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[1].txt
C:\Documents and Settings\Owner\Cookies\owner@banner.casinolasvegas[2].txt
C:\Documents and Settings\Owner\Cookies\owner@dist.belnk[2].txt
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt
C:\Documents and Settings\Owner\Cookies\owner@dcswhhs4tpljwp5jjudlnp3nh_5i7r[1].txt
C:\Documents and Settings\Owner\Cookies\owner@blp.valueclick[1].txt
C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[2].txt
C:\Documents and Settings\Owner\Cookies\owner@tour.splash.sexsearch[1].txt
C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt
C:\Documents and Settings\Owner\Cookies\owner@phg.hitbox[1].txt
C:\Documents and Settings\Owner\Cookies\owner@as1.falkag[2].txt
C:\Documents and Settings\Owner\Cookies\owner@adserving.autotrader[1].txt
C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt
C:\Documents and Settings\Owner\Cookies\owner@qksrv[2].txt
C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt
C:\Documents and Settings\Owner\Cookies\owner@emarketmakers[1].txt
C:\Documents and Settings\Owner\Cookies\owner@leadgenetwork[1].txt
C:\Documents and Settings\Owner\Cookies\owner@1.primaryads[1].txt
C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt
C:\Documents and Settings\Owner\Cookies\owner@www.directnetadvertising[1].txt
C:\Documents and Settings\Owner\Cookies\owner@metareward[2].txt
C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt
C:\Documents and Settings\Owner\Cookies\owner@partypoker[2].txt
C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt
C:\Documents and Settings\Owner\Cookies\owner@www.rowise[1].txt
C:\Documents and Settings\Owner\Cookies\owner@valueclick[2].txt
C:\Documents and Settings\Owner\Cookies\owner@c5.zedo[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ehg.hitbox[2].txt
C:\Documents and Settings\Owner\Cookies\owner@apmebf[1].txt
C:\Documents and Settings\Owner\Cookies\owner@commission-junction[2].txt
C:\Documents and Settings\Owner\Cookies\owner@www.xctrk[2].txt
C:\Documents and Settings\Owner\Cookies\owner@1071912622[1].txt
C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt
C:\Documents and Settings\Owner\Cookies\owner@hits.clickandtrack[2].txt
C:\Documents and Settings\Owner\Cookies\owner@192[1].txt
C:\Documents and Settings\Owner\Cookies\owner@c.enhance[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt
C:\Documents and Settings\Owner\Cookies\owner@cpvfeed[1].txt
C:\Documents and Settings\Owner\Cookies\owner@revsci[1].txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
C:\Documents and Settings\Owner\Cookies\owner@maxserving[1].txt
C:\Documents and Settings\Owner\Cookies\owner@linksynergy[2].txt
C:\Documents and Settings\Owner\Cookies\owner@nextag[2].txt
C:\Documents and Settings\Owner\Cookies\owner@winfixer[2].txt
C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive[1].txt
C:\Documents and Settings\Owner\Cookies\owner@casinolasvegas[1].txt
C:\Documents and Settings\Owner\Cookies\owner@hitbox[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ehg-nissan.hitbox[1].txt
C:\Documents and Settings\Owner\Cookies\owner@belnk[1].txt
C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt
C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt
C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adknowledge[2].txt
C:\Documents and Settings\Owner\Cookies\owner@atwola[2].txt
C:\Documents and Settings\Owner\Cookies\owner@sav.coolsavings[2].txt
C:\Documents and Settings\Owner\Cookies\owner@overture[2].txt
C:\Documents and Settings\Owner\Cookies\owner@www.azoogleads[2].txt
C:\Documents and Settings\Owner\Cookies\owner@yfdmedia[2].txt
C:\Documents and Settings\Owner\Cookies\owner@citi.bridgetrack[2].txt
C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
C:\Documents and Settings\Owner\Cookies\owner@exitexchange[1].txt
C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt
C:\Documents and Settings\Owner\Cookies\owner@linkstattrack[1].txt

Adware.Apropos Media
HKU\S-1-5-21-1659004503-1715567821-839522115-1003\Software\Aprps
HKLM\Software\Aprps
HKLM\Software\Aprps\Client
HKLM\Software\Aprps\Client#ProxyStub
HKLM\Software\Aprps\Client#Plugin
HKLM\Software\Aprps\Client#ClientName
HKLM\Software\Aprps\Client#LegalNote
HKLM\Software\Aprps\Client#InstallationId
HKLM\Software\Aprps\Client#PartnerId
HKLM\Software\Aprps\Client#ServerAddress
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AproposClient
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AproposClient#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AproposClient#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AproposClient#DisplayIcon
C:\Program Files\Aprps\AI_17-06-2007.log
C:\Program Files\Aprps\AI_18-06-2007.log
C:\Program Files\Aprps\atl.dll
C:\Program Files\Aprps\data.bin
C:\Program Files\Aprps
HKLM\Software\Envolo
HKLM\Software\Envolo\AutoUpdate
HKLM\Software\Envolo\AutoUpdate#NextPingTime64
HKLM\Software\Envolo\AutoUpdate\State
HKLM\Software\Envolo\AutoUpdate\State#AM_1.0.226
HKLM\Software\Envolo\AutoUpdate\State#AM_version

Adware.Avenue Media/Internet Optimizer
HKU\.DEFAULT\Software\Avenue Media
HKU\S-1-5-18\Software\Avenue Media
HKU\.DEFAULT\SOFTWARE\Policies\Avenue Media
HKU\S-1-5-18\SOFTWARE\Policies\Avenue Media
HKLM\SOFTWARE\Policies\Avenue Media
C:\Program Files\Internet Optimizer
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#_{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
HKU\S-1-5-21-1659004503-1715567821-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks#_{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks#_{CFBFAE00-17A6-11D0-99CB-00C04FD64497}

Trojan.Malware
C:\asdf.txt

Adware.BargainBuddy/NaviSearch
C:\Program Files\BullsEye Network\2005_06_22.data.zip
C:\Program Files\BullsEye Network\2005_06_23.data.zip
C:\Program Files\BullsEye Network\2005_06_26.data.zip
C:\Program Files\BullsEye Network\2005_06_28.data.zip
C:\Program Files\BullsEye Network\2005_07_07.data.zip
C:\Program Files\BullsEye Network\2005_07_08.data.zip
C:\Program Files\BullsEye Network\2005_07_15.data.zip
C:\Program Files\BullsEye Network\2005_07_17.data.zip
C:\Program Files\BullsEye Network\2005_07_18.data.zip
C:\Program Files\BullsEye Network\2005_07_21.data.zip
C:\Program Files\BullsEye Network\2005_07_22.data.zip
C:\Program Files\BullsEye Network\2005_07_23.data.zip
C:\Program Files\BullsEye Network\2005_08_01.data.zip
C:\Program Files\BullsEye Network\2005_08_02.data.zip
C:\Program Files\BullsEye Network\2005_08_09.data.zip
C:\Program Files\BullsEye Network\2005_08_15.data.zip
C:\Program Files\BullsEye Network\2005_08_16.data.zip
C:\Program Files\BullsEye Network\2005_08_23.data.zip
C:\Program Files\BullsEye Network\2005_08_27.data.zip
C:\Program Files\BullsEye Network\2005_09_03.data.zip
C:\Program Files\BullsEye Network\2005_09_09.data.zip
C:\Program Files\BullsEye Network\2005_09_13.data.zip
C:\Program Files\BullsEye Network\2005_09_14.data.zip
C:\Program Files\BullsEye Network\2005_09_20.data.zip
C:\Program Files\BullsEye Network\2005_10_05.data.zip
C:\Program Files\BullsEye Network\2005_10_08.data.zip
C:\Program Files\BullsEye Network\2005_10_09.data.zip
C:\Program Files\BullsEye Network\ad.dat
C:\Program Files\BullsEye Network\bin
C:\Program Files\BullsEye Network\ub.dat
C:\Program Files\BullsEye Network

Adware.UCMore
C:\WINDOWS\..\UCmore - The Search Accelerator

Adware.eXact Advertising
C:\SYSTEM VOLUME INFORMATION\_RESTORE{4E04B1FA-1584-4CA9-B661-7393FC0534AE}\RP13\A0046966.EXE

Adware.SurfSideKick
C:\WINDOWS\TEMP\SSKUPDATER3.EXE

Trojan.Unknown Origin
C:\WINDOWS\TEMPF.TXT

Trace.Known Threat Sources
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K1MNGDU7\sitefind_logo[1].gif
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLYFWL2F\header_title-right[1].gif
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GPYR8XEF\header_title-left[1].gif
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLYFWL2F\sfexd001[2].htm
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GDYZ01MF\common[1].js
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GLYFWL2F\header_title-bg[1].gif
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\K1MNGDU7\results[1].htm
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ARI12JO3\sfexd001[1].htm

Logfile of HijackThis v1.99.1
Scan saved at 2:43:31 PM, on 6/18/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Owner\Desktop\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R3 - Default URLSearchHook is missing
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E33769B-CDAE-1590-00E1-5612689CCB46} - C:\WINDOWS\System32\UPD\bkuovetxsg.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [eTunnel] C:\sss.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [microsft Updates] msupdate32.exe
O4 - HKLM\..\Run: [GNpBxVPoT] C:\WINDOWS\rtucg.exe
O4 - HKLM\..\Run: [AutoLoaderqsvM1OIfaKXL] "C:\WINDOWS\System32\wmvclip.exe"
O4 - HKLM\..\Run: [qF4i34V] wmvclip.exe
O4 - HKLM\..\Run: [MS-patch333] winservices.exe
O4 - HKLM\..\Run: [newms] ip2ph.exe
O4 - HKLM\..\Run: [winnsvc] msvc.exe
O4 - HKLM\..\Run: [winns] mshelper.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKLM\..\RunServices: [microsft Updates] msupdate32.exe
O4 - HKLM\..\RunServices: [MS-patch333] winservices.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [bovsRQZtl] wmninit.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtsr - awtsr.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

THANKS

Edited by rambo, 18 June 2007 - 03:59 PM.

#4 miekiemoes

miekiemoes

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 514 posts

Posted 18 June 2007 - 04:08 PM

Hi,

Do you understand now why an Antivirus and Antispywarescan is so important? If you had run them previously, then you would never start this thread, because as far as I can see, there are only leftovers present here now. None of the malware related processes that were running previously are running now, which is a good sign.
Don't worry if you couldn't uninstall BullsEye Network. I see SuperAntispyware already deleted the entire related folder..

Let's deal with the rest now...

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapp...//www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {7E33769B-CDAE-1590-00E1-5612689CCB46} - C:\WINDOWS\System32\UPD\bkuovetxsg.dll (file missing)
O4 - HKLM\..\Run: [eTunnel] C:\sss.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [microsft Updates] msupdate32.exe
O4 - HKLM\..\Run: [GNpBxVPoT] C:\WINDOWS\rtucg.exe
O4 - HKLM\..\Run: [AutoLoaderqsvM1OIfaKXL] "C:\WINDOWS\System32\wmvclip.exe"
O4 - HKLM\..\Run: [qF4i34V] wmvclip.exe
O4 - HKLM\..\Run: [MS-patch333] winservices.exe
O4 - HKLM\..\Run: [newms] ip2ph.exe
O4 - HKLM\..\Run: [winnsvc] msvc.exe
O4 - HKLM\..\Run: [winns] mshelper.exe
O4 - HKLM\..\RunServices: [microsft Updates] msupdate32.exe
O4 - HKLM\..\RunServices: [MS-patch333] winservices.exe
O4 - HKCU\..\Run: [bovsRQZtl] wmninit.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O20 - Winlogon Notify: awtsr - awtsr.dll (file missing)

* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

Post a new HijackThislog in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow

#5 rambo

rambo

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 18 June 2007 - 05:40 PM

Hi,

Logfile of HijackThis v1.99.1
Scan saved at 4:39:13 PM, on 6/18/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Owner\Desktop\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A918E90-B962-4BA5-8620-76E91CC5BBEB}: NameServer = 205.152.132.23 205.152.144.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A918E90-B962-4BA5-8620-76E91CC5BBEB}: NameServer = 205.152.132.23 205.152.144.23
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

THANKS

#6 miekiemoes

miekiemoes

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 514 posts

Posted 18 June 2007 - 11:03 PM

This log looks clean again. How are things now?
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow

#7 rambo

rambo

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 19 June 2007 - 10:54 AM

Hi, Everything seems fine. Is there anything else that i can download that will help with protection in the future or do i have all i need? THANKS

#8 miekiemoes

miekiemoes

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 514 posts

Posted 19 June 2007 - 12:18 PM

Glad I could help. :)

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.

Happy Surfing again!
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow

#9 miekiemoes

miekiemoes

    MalwareBytes

  • Visiting Fellow
  • PipPipPipPip
  • 514 posts

Posted 04 July 2007 - 05:01 PM

Since this issue appears resolved ... this Topic is closed. If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·