Tech Support banner

Status
Not open for further replies.
1 - 20 of 76 Posts

·
Registered
Joined
·
129 Posts
Discussion Starter #1
Could someone please help me??? I downloaded adware se and spybot and I am still getting popup's from surf sidekick. I can not seem to delete the file. I also tryed doing a hijack this logfile but for some reason I am having trouble doing this. Please help!

Thank you
Michelle
 

·
Registered
Joined
·
1,462 Posts
Please download HijackThis http://www.greyknight17.com/spy/HijackThis.exe- this program will help us determine if there are any spyware/malware

on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post that log here!
 

·
Registered
Joined
·
129 Posts
Discussion Starter #3
I clicked your link and it ask me to run or save. First I hit run and nothing happens & than I tried saving and I get a message saying: Cannot not copy hijack this, make sure the disk is not full or write protected & that the file is not currently in use & I also get a message from Mcafee saying: W32/generic worm!p2p. Is this normal??

Thank you
 

·
Registered
Joined
·
1,462 Posts
oh yes, McAfee...
Dont worry about that, we'll take different routes.

Download MWaveScan
  • Double-click mwav.exe and unzip it to its default Directory @ C:\Kaspersky
  • Locate "kavupd.exe" in the New Folder and Double Click to Update.
  • If it says the signatures are more than 30 days old, keep trying![*]Keep trying until you get the actual signatures! (it will say "downloading yadda yadda yadda")
  • When you see "Updates downloaded Successfully, please press any key to continue" go ahead, but do not run anything else in this folder...


Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.


Now go to the Kaspersky folder-> Locate and Double Click "mwavscan.com" to launch the MWAV Scanner!

Once opened-> Leave the Default Settings "ticked" and add a "tick" to"Drives"-> this will light up "All Drives"-> Add a "tick" to "Scan all Files"-> Click "Scan Clean" to begin!
This Scan may take Several Hours or more to Complete,Depending on the Hard Drive Size!

Please be sure it is Completed before proceeding!

1. Once the Scan has finished, All entries Identified as Infected will displayed in the lower pane! - Highlight everything that is inside the lower pane and press Ctrl+C at the same time to Copy!
2. Open a Blank Notepad Page and Paste the results (Ctrl+V) to it and Save it to your Desktop!
 

·
Registered
Joined
·
129 Posts
Discussion Starter #5
I hope this is right!


ile C:\WINDOWS\cpbrkpie.ocx tagged as not-a-virus:AdWare.Win32.Coupons. No Action Taken.
File C:\WINDOWS\system32\7gb4fstj.dll tagged as not-a-virus:AdWare.Win32.Sahat.ad. No Action Taken.
File C:\WINDOWS\system32\bo3si2d6.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\gevvnlmn.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\system32\Screensaver_Manager.v.1.4[1].exe infected by "Trojan-Proxy.Win32.Mitglieder.cu" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Michelle Hammann\Local Settings\Temp\i3D.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
File C:\Documents and Settings\Michelle Hammann\Local Settings\Temp\RelatedSetup.exe infected by "Trojan-Downloader.Win32.Small.bmx" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Michelle Hammann\Local Settings\Temp\SSK3_B5.exe infected by "Trojan-Dropper.Win32.Small.qn" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Michelle Hammann\Local Settings\Temp\updater.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Michelle Hammann\Local Settings\Temporary Internet Files\Content.IE5\49MNC92N\WinFixer2005ScannerInstall[1].exe tagged as not-a-virus:Downloader.Win32.Agent.d. No Action Taken.
File C:\Program Files\Common Files\fqbrrqtc\dfpcfofe\altdtobq.exe tagged as not-a-virus:AdWare.Win32.Gator.a. No Action Taken.
File C:\Program Files\Common Files\fqbrrqtc\femcdbnarn\nttftndus.exe tagged as not-a-virus:AdWare.Win32.Gator.a. No Action Taken.
File C:\Program Files\iWon\Messenger\bin\IWONIDLE.DLL tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\Program Files\iWon\Messenger\bin\iWonIdle0.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\Program Files\Microsoft AntiSpyware\Quarantine\191A5CE7-283C-434C-A3E0-BC637B\9110E3E6-5322-4A23-82E6-81CE74 tagged as not-a-virus:AdWare.Win32.DelphinMedia.Viewer.f. No Action Taken.
File C:\Program Files\Microsoft AntiSpyware\Quarantine\22EBC618-EDDD-480B-801A-2A99DD\4BD7AD27-220B-48FF-AE09-491480 tagged as not-a-virus:AdWare.Win32.DelphinMedia.Viewer.f. No Action Taken.
File C:\Program Files\Microsoft AntiSpyware\Quarantine\6A08A331-60F6-48FA-9CA4-A937E8\20E8F8B3-E674-4247-AEBF-BA06FD tagged as not-a-virus:AdWare.Win32.DelphinMediaViewer.c. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP585\A0043010.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP601\A0045428.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP601\A0045451.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP603\A0045550.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP610\A0045758.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP616\A0045997.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP616\A0045999.dll tagged as not-a-virus:AdWare.Win32.Sahat.ad. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP617\A0046119.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP619\A0046224.exe tagged as not-a-virus:AdWare.Win32.Gator.1008. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP619\A0046242.dll tagged as not-a-virus:AdWare.IWon.a. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP622\A0046338.exe tagged as not-a-virus:AdWare.Win32.Sahat.f. No Action Taken.
File C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP624\A0047433.exe infected by "Trojan-Proxy.Win32.Mitglieder.cu" Virus. Action Taken: File Deleted.
File C:\WINDOWS\cpbrkpie.ocx tagged as not-a-virus:AdWare.Win32.Coupons. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\Preloader.dll tagged as not-a-virus:Downloader.Win32.OTXloader. No Action Taken.
File C:\WINDOWS\SYSTEM32\7gb4fstj.dll tagged as not-a-virus:AdWare.Win32.Sahat.ad. No Action Taken.
File C:\WINDOWS\SYSTEM32\bo3si2d6.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.
File C:\WINDOWS\SYSTEM32\gevvnlmn.ini tagged as not-a-virus:AdWare.Win32.Sahat.ao. No Action Taken.






Thanks!
 

·
Registered
Joined
·
6,574 Posts
Download KillBox http://www.greyknight17.com/spy/KillBox.exe.

Please download CleanUp! (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Do not run it yet!

Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. For each of the following files below, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file - Choose YES when informs you the file will be deleted on Reboot. Choose NO when it asks if you want to reboot):

C:\WINDOWS\cpbrkpie.ocx
C:\Documents and Settings\Michelle Hammann\Local Settings\Temp\i3D.tmp
C:\Documents and Settings\Michelle Hammann\Local Settings\Temporary Internet Files\Content.IE5\49MNC92N\WinFixer2005ScannerInst all[1].exe
C:\Program Files\Common Files\fqbrrqtc
C:\Program Files\iWon
C:\WINDOWS\cpbrkpie.ocx
C:\WINDOWS\Downloaded Program Files\popcaploader.dll .
C:\WINDOWS\Downloaded Program Files\Preloader.dll
C:\WINDOWS\SYSTEM32\7gb4fstj.dll
C:\WINDOWS\SYSTEM32\bo3si2d6.ini
C:\WINDOWS\SYSTEM32\gevvnlmn.ini


Empy this folder:

C:\Program Files\Microsoft AntiSpyware\Quarantine\


Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
    [X]Scan local drives for temporary files (Please uncheck this option)
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

WARNING - CleanUp! will delete all files and folders contained within Temporary Directories. If you knowingly have items you would like to keep stored in these locations, Move them now!!!

Please run an online virus scan at Panda ActiveScan. Save the results and bring them with you in your next post.

Return a fresh HJT log when you're done.


FYI...Microsoft Antispyware - While in it's 'BETA' version, this program can be describe as 'rogueware'. Rogue/Suspect means that these products are of unknown, questionable, or dubious value as anti-spyware protection. Please read the following discussion to help you decide. http://www.techsupportforum.com/showthread.php?goto=newpost&t=59797
 

·
Registered
Joined
·
129 Posts
Discussion Starter #7
Okay here is the results:


Incident Status Location

Spyware:Spyware/SurfSideKick No disinfected C:\Program Files\SurfSideKick 3\SskCore.dll
Adware:Adware/TVMedia No disinfected C:\Program Files\SurfSideKick 3\SskBho.dll
Adware:adware/quicksearch No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\Install.inf
Spyware:spyware/surfsidekick No disinfected C:\Documents and Settings\Michelle Hammann\Local Settings\Temporary Internet Files\Ssk.log
Spyware:spyware/betterinet No disinfected C:\WINDOWS\INF\biini.inf
Adware:adware/coupons No disinfected C:\WINDOWS\cpbrkpie.ocx
Adware:adware/exact.bargainbuddyNo disinfected C:\WINDOWS\msxct1.ini
Adware:adware/ncase No disinfected C:\PROGRAM FILES\FlashTalk
Adware:adware/savenow No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\nsv
Adware:adware/delfinmedia No disinfected Windows Registry
Adware:Adware/CWS No disinfected C:\Documents and Settings\Michelle Hammann\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-21349751.class
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\fqbrrqtc\dfpcfofe\altdtobq.exe

Did I do this right??
 

·
TSF Security Manager, Emeritus
Joined
·
42,837 Posts
Hello nicdan,

Reboot into Safe Mode.

Copy the file names below to the clipboard by highlighting them and pressing Ctrl-C:

C:\Program Files\SurfSideKick 3\SskCore.dll
C:\Program Files\SurfSideKick 3\SskBho.dll
C:\WINDOWS\DOWNLOADED PROGRAM FILES\Install.inf
C:\WINDOWS\INF\biini.inf
C:\WINDOWS\cpbrkpie.ocx
C:\WINDOWS\msxct1.ini
C:\Program Files\Common Files\fqbrrqtc\dfpcfofe\altdtobq.exe


Start KillBox.
Go to the File menu, and choose Paste from Clipboard.
Verify that you've done this properly by clicking the dropdown-arrow next to the Full Path of File to Delete field. The filenames you pasted will be found in there.
Select/tick the following:
* Delete on Reboot
* End Explorer Shell While Killing File
* Unregister.dll Before Deleting" if it's not grayed out.
Click the RED X button.

Click [Yes] at the 'Delete on Reboot' prompt. Click [No] at the Pending Operations prompt.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

SurfSideKick 3
FlashTalk


Delete the following Files and Folders if they still exist.

C:\Program Files\SurfSideKick 3
C:\Program Files\Common Files\fqbrrqtc
C:\PROGRAM FILES\FlashTalk
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\nsv

Follow the instructions here to clean out your Java cache...
http://www.java.com/en/download/help/cache_virus.xml

Reboot into Normal Mode. Run another scan with Panda and post it here.

Please try again to download HijackThis:

http://www.greyknight17.com/spy/HijackThis.exe - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file here. Do not fix anything in HijackThis since they may be harmless.
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
To be able to download and use HJT, make sure that your McAfee is up to date, version and definitions. Otherwise, it will continue to incorrectly ID part of it as a worm.

Your other option is to temporarily disable McAfee long enough to download and run the scan.

It seems McAfee is detecting the new HijackThis version as W32/Generic.worm!p2p. It is not the first time this happened and probably not the last time either. There is no virus in HijackThis. McAfee incorrectly detects the PE compression method I use on all of my programs as a generic Kazaa worm. I will try to contact McAfee about this and see if the incorrect detection can be removed in their next update.
[Update 2] Success! McAfee has put out new definitions that no longer detect HijackThis 1.99.1 as a virus.
http://www.merijn.org/
 

·
Registered
Joined
·
129 Posts
Discussion Starter #11
OKay I feel dumb now......Whats a clipboard??? I need to copy something to a clipboard is it the same as a notebook???? :4-dontkno
 

·
TSF Security Manager, Emeritus
Joined
·
42,837 Posts
See my reply to your PM... :wink:
 

·
Registered
Joined
·
129 Posts
Discussion Starter #13
here is hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 10:49:54 AM, on 10/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\iWon\Messenger\bin\i1IMPipe.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Documents and Settings\Michelle Hammann\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\SYSTEM32\communicator.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MyPointsPointAlert] javaw -cp "C:\Program Files\MyPointsPointAlert\System\Code" Main lp: "C:\Program Files\MyPointsPointAlert"
O4 - HKLM\..\Run: [iWon Messenger Pipe] C:\Program Files\iWon\Messenger\bin\i1IMPipe.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [stb] C:\WINDOWS\system32\stb.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: MyPoints - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Point Alert - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm (file missing) (HKCU)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,32
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802
O16 - DPF: {6B1B6D11-E497-11D3-BE0C-005004AD2E83} (ImageStation Home Printing Control) - http://www.imagestation.com/common/classes/ISUSPrintActiveX.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4021/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456...players/english/5.0/win/PulsePlayer5AxWin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C915801D-6F00-49CD-8A9A-8DE5C11ADDC1} (Pixami Drag/Drop Upload UI Control) - http://www.photoworks.com/pixami/DragDropUploader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
 

·
Registered
Joined
·
129 Posts
Discussion Starter #14
Here is Panda scan:

Incident Status Location

Spyware:spyware/surfsidekick No disinfected C:\Documents and Settings\Michelle Hammann\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/savenow No disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\nsv
Adware:adware/delfinmedia No disinfected Windows Registry
Adware:Adware/CWS No disinfected C:\Documents and Settings\Michelle Hammann\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\SecurityClassLoader.class-6fd9f626-21349751.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\a.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\b.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ba.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bb.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\be.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bf.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bg.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bh.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bi.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bj.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bk.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bl.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bm.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bn.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bo.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bp.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bq.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\br.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bs.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bt.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bu.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bw.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bx.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\by.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\bz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\c.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ca.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cb.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ce.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cf.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cg.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ch.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ci.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cj.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ck.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cl.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cm.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cn.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\co.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cp.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cq.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cr.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cs.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ct.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cu.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cx.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\cz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\d.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\da.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\db.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\de.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\df.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\di.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dl.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dn.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dp.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dr.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ds.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dt.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\du.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dw.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dy.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\dz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\ed.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\f.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\h.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\i.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\j.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\l.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\m.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\Main.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\n.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\p.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\q.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\r.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\s.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\t.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\u.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\w.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\MyPointsPointAlert\System\Code\x.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\MyPointsPointAlert\System\Code\y.class
Adware:Adware/Gator No disinfected C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc2\dfpcfofe\altdtobq.exe
Adware:Adware/Gator No disinfected C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc2\femcdbnarn\nttftndus.exe
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP602\A0045524.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP602\A0045525.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP602\A0045526.exe
Adware:Adware/TVMedia No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP616\A0046002.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP616\A0046003.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP616\A0046004.exe
Adware:Adware/Gator No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP619\A0046224.exe
Adware:Adware/Coupons No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP625\A0047691.ocx
Adware:Adware/TVMedia No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP625\A0047746.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP625\A0047747.dll
Spyware:Spyware/SurfSideKick No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP625\A0047748.exe
Spyware:Spyware/BetterInet No disinfected C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP625\A0047751.inf
 

·
Registered
Joined
·
6,574 Posts
Download KillBox http://www.greyknight17.com/spy/KillBox.exe.

Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. For each of the following files below, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file - Choose YES when informs you the file will be deleted on Reboot. Choose NO when it asks if you want to reboot):

C:\Documents and Settings\Michelle Hammann\Local Settings\Temporary Internet Files\Ssk.log
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\nsv
C:\Documents and Settings\Michelle Hammann\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Se curityClassLoader.class-6fd9f626-21349751.class
C:\Program Files\MyPointsPointAlert


Reboot your computer.

Please download Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).
  • Save it to your desktop.
  • Double-click the new icon on your desktop (tmas-web-scan.exe)
  • It will say "Loading TrendMicro definitions".
  • Once the definitions are loaded, the program will appear to close then re-open.
  • Click "Start Scan"
  • After it's done scanning, click "Scan Results"
  • Make sure all items found have a check next to them, then click "Clean Threats Now".
  • Click Exit.
Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them in your next post.
 

·
Registered
Joined
·
129 Posts
Discussion Starter #16
Here is the antispyware log:

Started Scanning
Internet Cookies
Found 'apmebf.com' in 'Internet Explorer Cache'
Found 'realmedia.com' in 'Internet Explorer Cache'
Found 'casalemedia.com' in 'Internet Explorer Cache'
Found 'ads.pointroll.com' in 'Internet Explorer Cache'
Found 'fastclick.net' in 'Internet Explorer Cache'
Found 'z1.adserver.com' in 'Internet Explorer Cache'
Found 'questionmarket.com' in 'Internet Explorer Cache'
Found 'targetnet.com' in 'Internet Explorer Cache'
Found 'citi.bridgetrack.com' in 'Internet Explorer Cache'
Found 'atdmt.com' in 'Internet Explorer Cache'
Found 'trafficmp.com' in 'Internet Explorer Cache'
Found 'azjmp.com' in 'Internet Explorer Cache'
Found 'www.shopathomeselect.com' in 'Internet Explorer Cache'
Found 'qksrv.net' in 'Internet Explorer Cache'
Found 'imrworldwide.com' in 'Internet Explorer Cache'
Found 'edge.ru4.com' in 'Internet Explorer Cache'
Found 'adopt.specificclick.net' in 'Internet Explorer Cache'
Found 'hits.clickandtrack.net' in 'Internet Explorer Cache'
Found 'serving-sys.com' in 'Internet Explorer Cache'
Found 'mediaplex.com' in 'Internet Explorer Cache'
Found 'servedby.advertising.com' in 'Internet Explorer Cache'
Found 'tribalfusion.com' in 'Internet Explorer Cache'
Found 'ad.yieldmanager.com' in 'Internet Explorer Cache'
Found 'hitbox.com' in 'Internet Explorer Cache'
Found 'centrport.net' in 'Internet Explorer Cache'
Found 'revenue.net' in 'Internet Explorer Cache'
Found '2o7.net' in 'Internet Explorer Cache'
Found 'advertising.com' in 'Internet Explorer Cache'
Found 'go.com' in 'Internet Explorer Cache'
Found 'doubleclick.net' in 'Internet Explorer Cache'
Found 'maxserving.com' in 'Internet Explorer Cache'
Found 'keywordmax.com' in 'Internet Explorer Cache'
Programs in Memory
Windows Registry
Found 'Search Bar' in 'Software\Microsoft\Internet Explorer\Main'
Found '' in 'Software\Dynamic Toolbar'
Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinMX'
Found '' in 'SOFTWARE\Mvu'
Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility'
Found '' in 'Software\Mvu'
Internet URL Shortcuts
Files and Directories
Found 'wmv0104.dbd' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0106.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0204.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0315.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0412.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0504.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv0904.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv1125.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv1204.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv1215.dbd' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv1909.ddx' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv1920.dbd' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found 'wmv2007.dbd' in 'C:\Documents and Settings\All Users\Application Data\nsv'
Found '' in 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX'
Found '' in 'C:\Program Files\Dynamic Toolbar'
Found 'a.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'b.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ba.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bb.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bc.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bd.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'be.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bf.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bg.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bh.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bi.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bj.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bk.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bl.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bm.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bn.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bo.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bp.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bq.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'br.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bs.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bt.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bu.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bv.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bw.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bx.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'by.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'bz.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'c.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ca.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cb.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cc.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cd.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ce.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cf.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cg.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ch.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ci.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cj.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ck.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cl.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cm.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cn.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'co.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cp.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cq.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cr.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cs.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ct.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cu.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cv.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cw.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cx.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cy.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'cz.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'd.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'da.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'db.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dc.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dd.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'de.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'df.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dg.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dh.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'di.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dj.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dk.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dl.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dn.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dp.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dq.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dr.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ds.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dt.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'du.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dv.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dw.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dy.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'dz.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'e.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ea.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'eb.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ec.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'ed.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'f.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'g.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'h.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'i.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'j.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'k.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'l.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'm.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'Main.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'n.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'o.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'p.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'q.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'r.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 's.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 't.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'u.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'v.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'w.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'x.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'y.class' in 'C:\Program Files\MyPointsPointAlert\System\Code'
Found 'topmoxie_conflicts2.htm' in 'C:\Program Files\MyPointsPointAlert\System\Html'
Found 'topmoxie_proxy.htm' in 'C:\Program Files\MyPointsPointAlert\System\Html'
Found 'browsers.dls' in 'C:\Program Files\MyPointsPointAlert\System\System'
Found 'personality.dls' in 'C:\Program Files\MyPointsPointAlert\System\System'
Found 'system.dls' in 'C:\Program Files\MyPointsPointAlert\System\System'
Found '' in 'C:\Program Files\Spyware Stormer'
Found '' in 'C:\Program Files\WinMX'
Found 'errcatch.exe' in 'C:\Program Files\WinMX'
Found 'uninstall.exe' in 'C:\Program Files\WinMX'
Found 'WinMX.exe' in 'C:\Program Files\WinMX'
Found 'Dc3.exe' in 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007'
Found 'Ring1.wav' in 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc4\wav'
Found 'Belt.inf' in 'C:\WINDOWS\INF'
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0104.dbd' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0104.dbd' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0104.dbd'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0106.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0106.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0106.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0204.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0204.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0204.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0315.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0315.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0315.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0412.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0412.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0412.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0504.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0504.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0504.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0904.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0904.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv0904.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1125.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1125.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1125.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1204.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1204.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1204.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1215.dbd' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1215.dbd' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1215.dbd'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1909.ddx' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1909.ddx' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1909.ddx'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1920.dbd' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1920.dbd' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv1920.dbd'
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv2007.dbd' in shortcut areas.
Checking for 'C:\Documents and Settings\All Users\Application Data\nsv\wmv2007.dbd' in startup areas.
Cleaning 'C:\Documents and Settings\All Users\Application Data\nsv\wmv2007.dbd'
Checking for 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX' in shortcut areas.
Checking for 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX' in startup areas.
Cleaning 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX'
Checking for 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\WinMX.lnk' in shortcut areas.
Checking for 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\WinMX.lnk' in startup areas.
Cleaning 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\WinMX.lnk'
Checking for 'C:\Program Files\Dynamic Toolbar' in shortcut areas.
Checking for 'C:\Program Files\Dynamic Toolbar' in startup areas.
Cleaning 'C:\Program Files\Dynamic Toolbar'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\a.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\a.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\a.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\b.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\b.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\b.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ba.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ba.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ba.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bb.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bb.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bb.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bc.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bc.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bc.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bd.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bd.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bd.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\be.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\be.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\be.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bf.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bf.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bf.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bg.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bg.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bg.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bh.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bh.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bh.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bi.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bi.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bi.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bj.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bj.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bj.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bk.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bk.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bk.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bl.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bl.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bl.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bm.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bm.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bm.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bn.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bn.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bn.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bo.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bo.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bo.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bp.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bp.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bp.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bq.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bq.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bq.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\br.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\br.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\br.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bs.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bs.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bs.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bt.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bt.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bt.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bu.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bu.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bu.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bv.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bv.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bv.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bw.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bw.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bw.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bx.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bx.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bx.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\by.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\by.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\by.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bz.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\bz.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\bz.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\c.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\c.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\c.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ca.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ca.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ca.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cb.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cb.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cb.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cc.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cc.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cc.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cd.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cd.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cd.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ce.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ce.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ce.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cf.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cf.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cf.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cg.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cg.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cg.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ch.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ch.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ch.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ci.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ci.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ci.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cj.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cj.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cj.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ck.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ck.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ck.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cl.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cl.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cl.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cm.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cm.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cm.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cn.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cn.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cn.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\co.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\co.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\co.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cp.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cp.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cp.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cq.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cq.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cq.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cr.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cr.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cr.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cs.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cs.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cs.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ct.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ct.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ct.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cu.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cu.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cu.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cv.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cv.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cv.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cw.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cw.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cw.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cx.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cx.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cx.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cy.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cy.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cy.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cz.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\cz.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\cz.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\d.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\d.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\d.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\da.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\da.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\da.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\db.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\db.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\db.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dc.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dc.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dc.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dd.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dd.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dd.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\de.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\de.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\de.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\df.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\df.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\df.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dg.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dg.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dg.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dh.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dh.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dh.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\di.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\di.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\di.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dj.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dj.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dj.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dk.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dk.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dk.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dl.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dl.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dl.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dn.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dn.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dn.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dp.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dp.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dp.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dq.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dq.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dq.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dr.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dr.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dr.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ds.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ds.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ds.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dt.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dt.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dt.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\du.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\du.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\du.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dv.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dv.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dv.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dw.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dw.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dw.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dy.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dy.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dy.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dz.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\dz.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\dz.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\e.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\e.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\e.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ea.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ea.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ea.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\eb.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\eb.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\eb.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ec.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ec.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ec.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ed.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\ed.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\ed.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\f.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\f.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\f.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\g.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\g.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\g.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\h.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\h.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\h.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\i.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\i.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\i.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\j.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\j.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\j.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\k.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\k.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\k.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\l.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\l.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\l.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\m.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\m.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\m.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\Main.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\Main.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\Main.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\n.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\n.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\n.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\o.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\o.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\o.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\p.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\p.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\p.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\q.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\q.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\q.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\r.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\r.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\r.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\s.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\s.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\s.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\t.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\t.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\t.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\u.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\u.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\u.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\v.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\v.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\v.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\w.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\w.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\w.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\x.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\x.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\x.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\y.class' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Code\y.class' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Code\y.class'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_conflicts2.htm' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_conflicts2.htm' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_conflicts2.htm'
Checking for 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_proxy.htm' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_proxy.htm' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\Html\topmoxie_proxy.htm'
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\browsers.dls' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\browsers.dls' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\System\browsers.dls'
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\personality.dls' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\personality.dls' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\System\personality.dls'
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\system.dls' in shortcut areas.
Checking for 'C:\Program Files\MyPointsPointAlert\System\System\system.dls' in startup areas.
Cleaning 'C:\Program Files\MyPointsPointAlert\System\System\system.dls'
Checking for 'C:\Program Files\Spyware Stormer' in shortcut areas.
Checking for 'C:\Program Files\Spyware Stormer' in startup areas.
Cleaning 'C:\Program Files\Spyware Stormer'
Checking for 'C:\Program Files\Spyware Stormer\Setup.exe' in shortcut areas.
Checking for 'C:\Program Files\Spyware Stormer\Setup.exe' in startup areas.
Cleaning 'C:\Program Files\Spyware Stormer\Setup.exe'
Checking for 'C:\Program Files\WinMX' in shortcut areas.
Checking for 'C:\Program Files\WinMX' in startup areas.
Cleaning 'C:\Program Files\WinMX'
Checking for 'C:\Program Files\WinMX\errcatch.exe' in shortcut areas.
Checking for 'C:\Program Files\WinMX\errcatch.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\errcatch.exe'
Checking for 'C:\Program Files\WinMX\library.dat' in shortcut areas.
Checking for 'C:\Program Files\WinMX\library.dat' in startup areas.
Cleaning 'C:\Program Files\WinMX\library.dat'
Checking for 'C:\Program Files\WinMX\license.txt' in shortcut areas.
Checking for 'C:\Program Files\WinMX\license.txt' in startup areas.
Cleaning 'C:\Program Files\WinMX\license.txt'
Checking for 'C:\Program Files\WinMX\settings.dat' in shortcut areas.
Checking for 'C:\Program Files\WinMX\settings.dat' in startup areas.
Cleaning 'C:\Program Files\WinMX\settings.dat'
Checking for 'C:\Program Files\WinMX\uninstall.exe' in shortcut areas.
Checking for 'C:\Program Files\WinMX\uninstall.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\uninstall.exe'
Checking for 'C:\Program Files\WinMX\WinMX.exe' in shortcut areas.
Found 'WinMX.lnk' in 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\'
Found 'WinMX.lnk' in 'C:\Documents and Settings\Michelle Hammann\Desktop\'
[SCANMODS] The file 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\WinMX.lnk' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\WinMX\WinMX.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\WinMX.exe'
Checking for 'C:\Program Files\WinMX\wpnpchannelcmds.txt' in shortcut areas.
Checking for 'C:\Program Files\WinMX\wpnpchannelcmds.txt' in startup areas.
Cleaning 'C:\Program Files\WinMX\wpnpchannelcmds.txt'
Checking for 'C:\Program Files\WinMX\errcatch.exe' in shortcut areas.
Checking for 'C:\Program Files\WinMX\errcatch.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\errcatch.exe'
[SCANMODS] The file 'C:\Program Files\WinMX\errcatch.exe' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\WinMX\uninstall.exe' in shortcut areas.
Checking for 'C:\Program Files\WinMX\uninstall.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\uninstall.exe'
[SCANMODS] The file 'C:\Program Files\WinMX\uninstall.exe' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\WinMX\WinMX.exe' in shortcut areas.
Found 'WinMX.lnk' in 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\'
Found 'WinMX.lnk' in 'C:\Documents and Settings\Michelle Hammann\Desktop\'
[SCANMODS] The file 'C:\Documents and Settings\Michelle Hammann\Start Menu\Programs\WinMX\WinMX.lnk' was not found. Most likely already cleaned by another scanner module.
[SCANMODS] The file 'C:\Documents and Settings\Michelle Hammann\Desktop\WinMX.lnk' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\Program Files\WinMX\WinMX.exe' in startup areas.
Cleaning 'C:\Program Files\WinMX\WinMX.exe'
[SCANMODS] The file 'C:\Program Files\WinMX\WinMX.exe' was not found. Most likely already cleaned by another scanner module.
Checking for 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc3.exe' in shortcut areas.
Checking for 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc3.exe' in startup areas.
Cleaning 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc3.exe'
Checking for 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc4\wav\Ring1.wav' in shortcut areas.
Checking for 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc4\wav\Ring1.wav' in startup areas.
Cleaning 'C:\RECYCLER\S-1-5-21-202006160-4084473541-3789031440-1007\Dc4\wav\Ring1.wav'
Checking for 'C:\WINDOWS\INF\Belt.inf' in shortcut areas.
Checking for 'C:\WINDOWS\INF\Belt.inf' in startup areas.
Cleaning 'C:\WINDOWS\INF\Belt.inf'
Finished Cleaning





THANK YOU!!!
 

·
Registered
Joined
·
6,574 Posts
Sorry to be a pain, but since TMAS has found a significant amount, I would like you to run the scan again, using the same options as before. I just want to make sure it got everything it claims. :sayyes:
 

·
Registered
Joined
·
129 Posts
Discussion Starter #18
Here is the log again.

Started Scanning
Internet Cookies
Found 'questionmarket.com' in 'Internet Explorer Cache'
Found 'atdmt.com' in 'Internet Explorer Cache'
Found 'tribalfusion.com' in 'Internet Explorer Cache'
Found 'doubleclick.net' in 'Internet Explorer Cache'
Programs in Memory
Windows Registry
Internet URL Shortcuts
Files and Directories
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Finished Cleaning
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
tetonbob said:
To be able to download and use HJT, make sure that your McAfee is up to date, version and definitions. Otherwise, it will continue to incorrectly ID part of it as a worm.

Your other option is to temporarily disable McAfee long enough to download and run the scan.

It seems McAfee is detecting the new HijackThis version as W32/Generic.worm!p2p. It is not the first time this happened and probably not the last time either. There is no virus in HijackThis. McAfee incorrectly detects the PE compression method I use on all of my programs as a generic Kazaa worm. I will try to contact McAfee about this and see if the incorrect detection can be removed in their next update.
[Update 2] Success! McAfee has put out new definitions that no longer detect HijackThis 1.99.1 as a virus.
http://www.merijn.org/
Now, please try to give us the HJT scan.
 

·
Registered
Joined
·
129 Posts
Discussion Starter #20
HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 5:14:08 PM, on 10/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\iWon\Messenger\bin\i1IMPipe.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\Michelle Hammann\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\SYSTEM32\communicator.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [ZingSpooler] C:\Program Files\Common Files\Zing\ZingSpooler.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MyPointsPointAlert] javaw -cp "C:\Program Files\MyPointsPointAlert\System\Code" Main lp: "C:\Program Files\MyPointsPointAlert"
O4 - HKLM\..\Run: [iWon Messenger Pipe] C:\Program Files\iWon\Messenger\bin\i1IMPipe.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [stb] C:\WINDOWS\system32\stb.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: MyPoints - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Point Alert - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm (file missing) (HKCU)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.yorkphoto.com/YorkActivia.cab
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,32
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802
O16 - DPF: {6B1B6D11-E497-11D3-BE0C-005004AD2E83} (ImageStation Home Printing Control) - http://www.imagestation.com/common/classes/ISUSPrintActiveX.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4021/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://a320.g.akamai.net/7/320/1456...players/english/5.0/win/PulsePlayer5AxWin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {C915801D-6F00-49CD-8A9A-8DE5C11ADDC1} (Pixami Drag/Drop Upload UI Control) - http://www.photoworks.com/pixami/DragDropUploader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
 
1 - 20 of 76 Posts
Status
Not open for further replies.
Top