Custom Search
Join the PC homebuilding revolution! Read the all-new, FREE 200-page online guide: How to Build Your Own PC!
NOTE: Using robot software to mass-download the site degrades the server and is prohibited. See here for more.
Find The PC Guide helpful? Please consider a donation to The PC Guide Tip Jar. Visa/MC/Paypal accepted.
Page 1 of 2 12 LastLast
Results 1 to 25 of 32

Thread: how do i remove these adwares

  1. #1

    how do i remove these adwares

    when i ran spysweeper it detected the following adwares. internet optimizer, roings search enhancement, money tree,webhancer. when i ran spyware doctor it said all spywares are removed. why is it so. when i open a browser page it auto matically gets directed to adultfriendfinder site. its a browser attack how do i remove all these. please help.

  2. #2
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Download a copy of Hijackthis. Unzip it into a permanent folder.
    Click on the icon.
    Choose the option to scan and create a log.
    Post the contents of the log here for review.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  3. #3

    how do i remove these adwares

    Logfile of HijackThis v1.99.1
    Scan saved at 5:54:45 AM, on 2/12/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINXP\System32\smss.exe
    C:\WINXP\system32\csrss.exe
    C:\WINXP\SYSTEM32\winlogon.exe
    C:\WINXP\system32\services.exe
    C:\WINXP\system32\lsass.exe
    C:\WINXP\system32\svchost.exe
    C:\WINXP\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINXP\Explorer.EXE
    C:\WINXP\System32\svchost.exe
    C:\WINXP\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINXP\system32\spoolsv.exe
    C:\WINXP\System32\ezSP_Px.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\windows\eee2.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINXP\System32\msgconfigrs.exe
    C:\WINXP\System32\alg.exe
    D:\norton antivirus v.imp\navapsvc.exe
    C:\Program Files\Network Monitor\netmon.exe
    C:\Program Files\Common Files\AOL\1132619104\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1132619104\ee\AOLServiceHost.exe
    D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    D:\norton antivirus v.imp\SAVScan.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Spyware Doctor\Update.exe
    C:\Documents and Settings\swapna\Desktop\HijackThis.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/0...ir.asp?Ext=pdf
    R3 - URLSearchHook: (no name) - _{EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\prefs.j s)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINXP\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] D:\NORTON~1.IMP\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132619104\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\RunServices: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O15 - Trusted Zone: *.media-motor.net
    O15 - Trusted Zone: *.popuppers.com
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{66E25A70-9663-449B-9FB6-91FE0F364123}: NameServer = 10.100.100.1,202.63.164.18,202.63.164.17,202.71.13 6.67
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\norton antivirus v.imp\navapsvc.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - D:\norton antivirus v.imp\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    when i start windows after sometime a blank browser opens at the corner of which is written duf

  4. #4
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Let's see what Ewido can fix w/o doing it manually.

    Please download, install, and update the NEW free version of Ewido trojan scanner:

    1. When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    2. When you run Ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
    3. From the main Ewido screen, click on update in the left menu, then click the Start update button.
    4. After the update finishes (the status bar at the bottom will display "Update successful")


    Perform a full system scan and fix all that it finds.

    Post back with a new HJT log and the Ewido log.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  5. #5

    how do i remove this

    thanks.

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 8:56:04 AM, 2/20/2006
    + Report-Checksum: 3581B4CB

    + Scan result:

    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\PocketLAN for Pocket PC 2002 2.51 FULL.rar/PocketLAN for Pocket PC 2002 2.51 FULL\Navigon 2 Keygenerator.exe -> Backdoor.RCServ.c : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\PocketLAN for Pocket PC 2002 2.51 FULL.rar/PocketLAN for Pocket PC 2002 2.51 FULL\SetupPL2520.exe -> Backdoor.Wollf.a : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\hack\complete_set_hacking_tools+manuals\ hacking_tools\hvlscan.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\hack\complete_set_hacking_tools+manuals\ hacking_tools\wingatespoof_hlp.zip/UHANFO.EXE -> Trojan.ControlDuSockets.a : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\Ghost.Keylogger.3.73..(by.king-alp).rar/Ghost Keylogger v3.73 Crack contains viruses according to panda online scan\syncagent.EXE -> Logger.GhostKeyLogger.c : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\spywares\iOpus_Software+Serialsz_Starr_P C_Monitor_Pro3.23_Password_RecoveryXP4.0_Internet_ Macros3.04_Beee2.24-www.eselgate.de.rar/iOpus-Software\Starr 3.23 pro\iopus-starr-pro-setup.exe/wsys.exe -> Not-A-Virus.Monitor.Win32.Starr.323 : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\WUSave.cab/Save.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\WUSave.cab/SaveUninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\2 WUSave.cab/Save.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\2 WUSave.cab/SaveUninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Save.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/SaveUninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Save.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/SaveUninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Weather.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Uninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Weather.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\adware\saveinstwm.exe/Uninst.exe -> Adware.SaveNow : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\hack tool danger\Hacking Tools - Complete Set - Scan, crack, password, all u need! Banned Illegal CIA FBI Army.zip/HaxTools/enum.exe -> Not-A-Virus.HackTool.Win32.EnumPlus.a : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\hack tool danger\Hacking Tools - Complete Set - Scan, crack, password, all u need! Banned Illegal CIA FBI Army.zip/HaxTools/NC.EXE -> Backdoor.Ncx.a : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\2 iSpyNow v2.0 (keylogger).zip/iSpyNow v2.0.zip/hs-is2py.rar/ispynow-setup.exe -> Backdoor.Delf.bz : Ignored
    D:\my downloads\from d\My Downloads\hack,serial,peer\danger (viruses,spyware, diallers)\2 iSpyNow v2.0 (keylogger).zip/ISpyNow v2.0 WinALL.zip/hs-is2py.rar/ispynow-setup.exe -> Backdoor.Delf.bz : Ignored
    :mozilla.155:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.158:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.159:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.160:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup


    ::Report End


    "about the d drive im aware of these malwares"



    can u please suggest me a very good antivirus.

  6. #6

    how do i remove this

    Logfile of HijackThis v1.99.1
    Scan saved at 8:57:19 AM, on 2/20/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINXP\System32\smss.exe
    C:\WINXP\SYSTEM32\winlogon.exe
    C:\WINXP\system32\services.exe
    C:\WINXP\system32\lsass.exe
    C:\WINXP\system32\svchost.exe
    C:\WINXP\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINXP\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINXP\system32\spoolsv.exe
    C:\WINXP\System32\ezSP_Px.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINXP\System32\msgconfigrs.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Common Files\AOL\1132619104\ee\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1132619104\ee\AOLServiceHost.exe
    C:\Program Files\ewido\security suite\ewidoguard.exe
    D:\norton antivirus v.imp\navapsvc.exe
    D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    D:\norton antivirus v.imp\SAVScan.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Documents and Settings\swapna\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/0...ir.asp?Ext=pdf
    R3 - URLSearchHook: (no name) - _{EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\prefs.j s)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINXP\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] D:\NORTON~1.IMP\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132619104\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\RunServices: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O15 - Trusted Zone: *.media-motor.net
    O15 - Trusted Zone: *.popuppers.com
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{66E25A70-9663-449B-9FB6-91FE0F364123}: NameServer = 10.100.100.1,202.63.164.18,202.63.164.17,202.71.13 6.67
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\norton antivirus v.imp\navapsvc.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - D:\norton antivirus v.imp\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

  7. #7
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Why did you choose to ignore those items. If you are downloading stuff like that you will never be clean.

    Did you place these in your trusted Zone?

    O15 - Trusted Zone: *.media-motor.net
    O15 - Trusted Zone: *.popuppers.com
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  8. #8

    how do i remove these adwares

    im aware that those items that i ignored are dangerous. ive kept them to be moved on to a separate cd

    O15 - Trusted Zone: *.media-motor.net
    O15 - Trusted Zone: *.popuppers.com

    no ive not placed them in my trusted zone. what shud i do now.


    can u suggest me a very good antivirus like ewido.
    what security softwares shud i always have on my pc that can detect these malwares, adwares, keyloggers, trojans, viruses etc.

    can u suggest me a good book that can teach me about security.

  9. #9
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:blank

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/0...ir.asp?Ext=pdf

    R3 - URLSearchHook: (no name) - _{EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
    O4 - HKLM\..\Run: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKLM\..\RunServices: [Microsoft Configs 32] msgconfigrs.exe
    O4 - HKCU\..\Run: [Microsoft Configs 32] msgconfigrs.exe

    O15 - Trusted Zone: *.media-motor.net
    O15 - Trusted Zone: *.popuppers.com

    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)

    Close all open program and browser windows except hijack this and click
    fix checked,

    Re-boot and post a new log
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  10. #10

    how do i remove these adwares

    Logfile of HijackThis v1.99.1
    Scan saved at 10:00:23 AM, on 2/27/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINXP\System32\smss.exe
    C:\WINXP\SYSTEM32\winlogon.exe
    C:\WINXP\system32\services.exe
    C:\WINXP\system32\lsass.exe
    C:\WINXP\system32\svchost.exe
    C:\WINXP\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINXP\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINXP\system32\spoolsv.exe
    C:\WINXP\System32\ezSP_Px.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    D:\norton antivirus v.imp\navapsvc.exe
    D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    D:\norton antivirus v.imp\SAVScan.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Documents and Settings\swapna\Desktop\HijackThis.exe

    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\prefs.j s)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINXP\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] D:\NORTON~1.IMP\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{66E25A70-9663-449B-9FB6-91FE0F364123}: NameServer = 10.100.100.1,202.63.164.18,202.63.164.17,202.71.13 6.67
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\norton antivirus v.imp\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - D:\norton antivirus v.imp\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    can u suggest me a very good antivirus like ewido.
    what security softwares shud i always have on my pc that can detect these malwares, adwares, keyloggers, trojans, viruses etc.

    can u suggest me a good book that can teach me about security.

  11. #11
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    For security:

    For anti-virus I recommend Avast

    For a firewall I use Sygate It is no longer supported so others like Kerio

    For what you do I would purchse the Ewido and all of it's updates.

    I would scan regularly with spy sweeper, Ewido and Avast.

    and lastly:

    Get that garbage off your PC and on to a CD pronto
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  12. #12

    how do i remove these adwares

    thank you very much for helping me out.

    For a firewall I use Sygate It is no longer supported so others like Kerio .....what do u mean by this statement

    can u suggest me a good book so that i can learn security from basics

    now is my pc clear of all the viruses.
    i will surely get the garbage out of my pc soon.

  13. #13
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    The company that makes Sygate was sold and there are no updates. I like it for the depth of the configuration.

    Security changes too fast for books.....

    Remove the crap and then post another HJT and ewido log then we will know if you are clean for sure.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  14. #14

    how do i remove this adwares

    ok i will do that and mail u the log

  15. #15

    how do i remove this

    please let me know which startup items are not necessary. what is this ezshieldprotector

    ewido anti-malware - Startup report
    ---------------------------------------------------------

    + Created on: 9:12:16 AM, 3/5/2006
    + Report-Checksum: BEB5DFF7

    Reg\HKLM\Run ezShieldProtector for Px C:\WINXP\System32\ezSP_Px.exe

    Reg\HKLM\Run ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    Reg\HKLM\Run Advanced Tools Check D:\NORTON~1.IMP\AdvTools\ADVCHK.EXE

    Reg\HKLM\Run SSC_UserPrompt C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

    Reg\HKLM\Run SunJavaUpdateSched C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    Reg\HKCU\Run SpySweeper C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0

    Reg\HKCU\Run Shareaza "C:\Program Files\Shareaza\Shareaza.exe" -tray

    Reg\HKCU\Run MSMSGS "C:\Program Files\Messenger\msmsgs.exe" /background

    Shell\CommonStartup Microsoft Office.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk

  16. #16

    how do i remove this

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 8:48:48 AM, 3/5/2006
    + Report-Checksum: F0F2550C

    + Scan result:


    :mozilla.140:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.143:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.144:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.145:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.146:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.147:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.149:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.150:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.151:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.162:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.166:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.167:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.168:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.169:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.170:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.171:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.172:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.173:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.174:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.175:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.176:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.177:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.178:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.184:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.185:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.186:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.188:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.189:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.190:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.198:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.206:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.207:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.209:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.210:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.211:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup

    ::Report End

  17. #17

    how do i remove this

    Logfile of HijackThis v1.99.1
    Scan saved at 9:13:52 AM, on 3/5/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINXP\System32\smss.exe
    C:\WINXP\SYSTEM32\winlogon.exe
    C:\WINXP\system32\services.exe
    C:\WINXP\system32\lsass.exe
    C:\WINXP\system32\svchost.exe
    C:\WINXP\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINXP\system32\spoolsv.exe
    D:\norton antivirus v.imp\navapsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Shareaza\Shareaza.exe
    D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    C:\Program Files\Messenger\msmsgs.exe
    D:\norton antivirus v.imp\SAVScan.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\WINXP\explorer.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Documents and Settings\swapna\Desktop\HijackThis.exe

    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\prefs.j s)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINXP\System32\msdxm.ocx
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\norton antivirus v.imp\NavShExt.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINXP\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] D:\NORTON~1.IMP\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{66E25A70-9663-449B-9FB6-91FE0F364123}: NameServer = 10.100.100.1,202.63.164.18,202.63.164.17,202.71.13 6.67
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\norton antivirus v.imp\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\norton antivirus v.imp\AdvTools\NPROTECT.EXE
    O23 - Service: SAVScan - Symantec Corporation - D:\norton antivirus v.imp\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    awaiting for a reply. ive sent u 3 reports startup items , ewido and hijack this

  18. #18
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Your log looks clean.

    I would kill:

    Reg\HKCU\Run Shareaza "C:\Program Files\Shareaza\Shareaza.exe" -tray

    from startup you can load it when you need it.

    How is the system running?
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  19. #19

    how do i remove these adwares

    today as my system started i got the msg "unable to load driver 2" i had to press ok. then it went off after sometime.
    few days back norton detected w32spybot worm. i ran the antivirus in safe mode. i did not get any msg but in the final window it displayed detected virus one and deleted one .i was not sure was it the spybot worm. since then no worm was detected. i did got to nav site to check removal of spybot worm. it said to delete some registry entries. since spybot was not detected again i did not check the registry.
    in my start up log from ewido there were one entry

    Reg\HKLM\Run ezShieldProtector for Px C:\WINXP\System32\ezSP_Px.exe

    which program has installed ezShieldProtector and is it necessary .if not how do i remove it

    i use shareza to download music videos. i will disable shareza from startup list.

    im again sending u the report from ewido scan which a performed today

  20. #20

    how do i remove these adwares

    -
    why am i getting these below result even after ewido removes it always
    --------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 8:08:01 AM, 3/6/2006
    + Report-Checksum: AC339C93

    + Scan result:


    :mozilla.126:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.129:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.130:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.131:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.132:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.133:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.137:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.139:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.148:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.152:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.154:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.155:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.156:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.157:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.158:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.159:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.160:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.161:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.162:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.163:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.164:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.170:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.171:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.172:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.174:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.175:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.176:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.182:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.189:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.190:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.191:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.192:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.193:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.194:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.197:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.198:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.199:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.200:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.201:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup
    :mozilla.202:C:\Documents and Settings\swapna\Application Data\Mozilla\Profiles\default\xk1hebj0.slt\cookies .txt -> TrackingCookie.Esomniture : Cleaned with backup


    ::Report End

  21. #21
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    You system appears free of malware.........

    How is it running?

    Any pop-ups?
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  22. #22

    how to remove these adwares

    which program has installed ezshield protector
    in the ewido log the tracking cookies which are detected are they dangerous and do i have to remove them always using ewido

  23. #23
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Quote Originally Posted by gotodreams
    which program has installed ezshield protector
    The answer is here

    Quote Originally Posted by gotodreams
    in the ewido log the tracking cookies which are detected are they dangerous and do i have to remove them always using ewido
    You will always get cookies unless you turn them off. They are really of no consequence. You can remove them if you want.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

  24. #24

    how do i remove these adwares

    thanks a lot for all ur help. god bless. hope to be in touch with u soon

  25. #25
    Join Date
    Jul 2001
    Location
    Wyncote, PA, USA
    Posts
    10,167
    Now you need to armor up so this does not happen again.

    Step One: Switch to Firefox. Since switching to Firefox I am spyware free. It's just a better browser and safer to boot. Add the Noscript Extension and you are very safe.

    Step Two: Download, install and keep updated SpywareBlaster

    Step Three:Get yourself a firewall. Your choices for a free firewall are Kerio and Sygate

    Step Four: Make sure you keep your AV software updated.
    No two moments are alike and a person who thinks that any two moments are alike has never lived.

    A.J. Heschel

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •