Jump to content

Sharky009

Members
 View Profile  See their activity

  • Posts

    19

  • Joined

  • Last visited

Reputation

0 Neutral
  1. Sharky009
    Is there a way I could recover it? Download from somewhere maby? Or maby you could add me to your msn list if you have time to talk. [email protected] Oh, can you see something that could have caused the e-mail problem? (70 blank e-mail messages to my msn popped up out of nowhere) /EDIT It's landesher, I'm at a friends place.
  2. Sharky009
    Ok. Did that. Everything seems to be ok for now. Thank you very much Colt. If I have some other problems in the future, I'll post them here. So an IT genius like u could help me. :wink:
  3. Sharky009
    Wee... I can change my wallpaper. lol. I did the things that I had to do in Safemode. After that, now I can change my wallpaper. I didn't do this Panda search. Do I still have to do it? Ok. Here is the HiJackThis log Logfile of HijackThis v1.99.1 Scan saved at 13:44:53, on 26.11.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\PROGRA~1\COMMON~1\Stardock\SDMCP[Caution: ExecutableFile] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] C:\WINDOWS\System32\RUNDLL32[Caution: ExecutableFile] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] C:\Program Files\D-Tools\daemon[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile] C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile] C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile] C:\Program Files\Internet Explorer\IEXPLORE[Caution: ExecutableFile] C:\Hijackthis\HijackThis[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon[Caution: ExecutableFile]" -lang 1033 O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin[Caution: ExecutableFile]" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio[Caution: ExecutableFile]" /RANDOM O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: ExecutableFile]" /startintray O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [areslite] "C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile]" -h O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile]" -s O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader[Caution: ExecutableFile].lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D3A7982E-915D-4589-8ECE-249F70D0C941} (Launch Control) - http://aaotracker.4players.de/LaunchGame.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F28B19E0-2F1A-4189-97C7-CF3FDED1F881}: NameServer = 194.126.115.18 194.126.101.34 O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile] O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile] O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] Here's the Ewido Security Suite report --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 13:33:28, 26.11.2005 + Report-Checksum: 20FE8782 + Scan result: C:\Documents and Settings\Sander\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\NF5NRH8W\load[1][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\NF5NRH8W\load[2][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\WZBBAWTL\load[1][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\WINDOWS\tool3[Caution: ExecutableFile] -> TrojanDropper.Small.aja : Cleaned with backup ::Report End
  4. Sharky009
    I can't find the Panda Activescan shortcut... Ok, gotta go to sleep. Will come here 1-st thing after school tomorrow.
  5. Sharky009
    Sorry for the delay. I was busy and not home. :roll: Jotti virusscan found.. Nothing Service load: 0% 100% File: kl[Caution: ExecutableFile] Status: OK MD5 6422adddabd9d54361a1ab5151049698 Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing Virus total found nothing also. :( ____ I'm gonna start the MWav virus scan in a few hours and let it scan the whole night. So hoping to post the results tomorrow.
  6. Sharky009
    So here is the list.. ACDSee 5.0 PowerPack Ad-aware 6 Personal Ad-Aware SE Personal Adobe Acrobat 5.0 Adobe Photoshop 6.0 Adobe Photoshop 7.0 America's Army AMRConverter AresLite 2.0.0 AVG Free Edition Battlefield 2(TM) BootSkin Browser MOUSE ccCommon CCleaner (remove only) Codec Pack - All In 1 6.0.2.2 Counter-Strike 1.6 CursorXP DAEMON Tools EAX4 Unified Redist ewido security suite FEAR FlatOut Football Generation Fraps HijackThis 1.99.1 Hitman Contracts hp deskjet 3320 series (Remove only) IconPackager Internet Worm Protection J2SE Runtime Environment 5.0 Update 4 Kaspersky On-line Scanner LiveReg (Symantec Corporation) LiveUpdate 2.5 (Symantec Corporation) LogonStudio Macromedia Dreamweaver 4 Macromedia Extension Manager Macromedia FreeHand 10 Macromedia Shockwave Player Magic ISO Maker v5.0 (build 0166) Microsoft Office XP Professional with FrontPage MSN Messenger 7.0 Nero 6 Ultra Edition Nokia Connectivity Cable Driver Norton AntiVirus 2005 Norton AntiVirus 2005 (Symantec Corporation) Norton AntiVirus Help Norton AntiVirus Parent MSI Norton AntiVirus SYMLT MSI Norton WMI Update NVIDIA Drivers Panda ActiveScan Silent Hunter III SmartFTP Client Soldier of Fortune II - Double Helix MP TEST SPBBC Spy Sweeper Spybot - Search & Destroy 1.4 Stardock Central SuperCleaner Symantec Symantec Script Blocking Installer SymNet ubi.com Ulead DVD MovieFactory 3 Disc Creator Winamp (remove only) WinCustomize Browser WindowBlinds Windows Media Encoder 9 Series Windows Media Encoder 9 Series WinRAR archiver Worms 3D Worms 4 Mayhem Demo Xfire (remove only)
  7. Sharky009
    So I made 2 screenshots of this "kl[Caution: ExecutableFile]" file I tried to delete it manually... I opened it...
  8. Sharky009
    "EAX4 Unified Redist" was the only one I could find...
  9. Sharky009
    About the ISP.. Yep it's correct. I don't have to hijackthis fix it. And I didn't fix this Fileplanet stuff.. My computer is still very slow and I'm unable to select my background. Remember that I couldnt delete this file?? Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\kl.e3e (CAUTION - executable file) Maybe it's the trouble maker.. Don't know. I didn't turn off the system restore while running the cwshredder. Did I have to? Oh and I can't update my windows.. :(
  10. Sharky009
    CWShredder didn't find anything... :? HiJackThis log after the scans. Logfile of HijackThis v1.99.1 Scan saved at 23:23:21, on 15.11.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\PROGRA~1\COMMON~1\Stardock\SDMCP[Caution: ExecutableFile] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] C:\WINDOWS\System32\RUNDLL32[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile] C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile] C:\Hijackthis\HijackThis[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon[Caution: ExecutableFile]" -lang 1033 O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin[Caution: ExecutableFile]" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio[Caution: ExecutableFile]" /RANDOM O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: ExecutableFile]" /startintray O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [areslite] "C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile]" -h O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile]" -s O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader[Caution: ExecutableFile].lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D3A7982E-915D-4589-8ECE-249F70D0C941} (Launch Control) - http://aaotracker.4players.de/LaunchGame.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F28B19E0-2F1A-4189-97C7-CF3FDED1F881}: NameServer = 194.126.115.18 194.126.101.34 O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile] O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile] O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] Ewido results --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 23:16:24, 15.11.2005 + Report-Checksum: E37F7103 + Scan result: HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup HKU\S-1-5-21-1417001333-1677128483-682003330-1004\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup HKU\S-1-5-21-1417001333-1677128483-682003330-1004\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup C:\Documents and Settings\Rein\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup C:\Program Files\Need2Find -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\History -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\History\%21.jpg -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\History\%23.jpg -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\History\%ÃÆââ¬Å¡Ãâä2.jpg -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\History\)ÃÆââ¬Å¡Ãâä2.jpg -> Spyware.Need2Find : Cleaned with backup C:\Program Files\Need2Find\bar\Settings -> Spyware.Need2Find : Cleaned with backup C:\RECYCLER\S-1-5-21-1417001333-1677128483-682003330-1004\Dc3[Caution: ExecutableFile] -> Not-A-Virus.Hoax.Win32.Renos.w : Cleaned with backup C:\RECYCLER\S-1-5-21-1417001333-1677128483-682003330-1004\Dc4[Caution: ExecutableFile] -> Not-A-Virus.Hoax.Win32.Renos.w : Cleaned with backup C:\WINDOWS\explorer1[Caution: ExecutableFile] -> TrojanDropper.Small.aia : Cleaned with backup ::Report End
  11. Sharky009
    Ok will post the log in a sec. But check up to my last post... Maybe u can say something about this? And yes, manually as "Pressed delete button on keyboard" :P
  12. Sharky009
    Housecall found 23 spyware. Got rid of them. Panda scan found This Incident Status Location Adware:adware/spysheriff No disinfected C:\winstall[Caution: ExecutableFile] Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\kl[Caution: ExecutableFile] Adware:adware/twain-tech No disinfected C:\WINDOWS\smdat32a.sys Adware:adware/isearch No disinfected C:\WINDOWS\tool2[Caution: ExecutableFile] Adware:adware/need2find No disinfected C:\PROGRAM FILES\Need2Find Spyware:spyware/dyfuca No disinfected Windows Registry Possible Virus. No disinfected C:\Program Files\Valve\cstrike\nk hack.dll Possible Virus. No disinfected C:\Program Files\Valve\nk hack.dll Adware:Adware/SpySheriff No disinfected C:\WINDOWS\tool2[Caution: ExecutableFile] Adware:Adware/SpySheriff No disinfected C:\winstall[Caution: ExecutableFile] Didn't delete them automatically so had to delete them manually.. But I couldn't delete this "kl[Caution: ExecutableFile]" //Edit: Ok I read another thread on this forum. A guy with a similar problem like mine posted this screenshot... I had the same thing. And I had a weird background. It wasn't the one what u, coltm4carbine, showed to him - It was something else. I can't remember it very much. And I still can't change my desktop wallpaper.
  13. Sharky009
    Hmm... I scanned with AVG in safemode. It found only 1 - the "loader[Caution: ExecutableFile]" So I got rid of that. But it didn't find the other ones. Maybe it was because I turned off system restore in Safe mode and didn't restart the computer. :roll:
  14. Sharky009
    Yes, I was the administrator. I remember I had alot of errors when installing Norton. So I think it was the fault of the Setup file. Maybe I should try Kaspersky? I'll download the trial maybe?
  15. Sharky009
    Ok.. I disabled the system restore. I go to safemode. But I can't run the full scan. I can't even run it in normal mode. I'm getting an error like that http://service1.symantec.com/support/nav.nsf/docid/2002100717403806?OpenDocument&src=_mi&product=NAV&version=11.0&language=english&module=3014&error=554&build=STANDARD
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept