Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Name: XpUser4Real
Hi, I have removed lots of trojans and viruses from this PC. It runs fine but is really slow starting webpages, etc on DSL. My friend wanted me to do a fresh install on his PC but he has no Xp Pro disc so I'm pretty well stuck just getting it to run back to normal again.
Here is what I've done:
1-I ran HJT and removed whatever I KNEW (after googling on-line) was no good
2-I ran Dr Cureit and deleted some adware
3-I ran Spyware Blaster with the new updates
4-I ran Combofix and as far as I can see, there were no problems...but I'm sure not an expert on that, as it didn't reboot to move anything.
5-I did sfc /scannow and all files were fine
6-I did an online scan with Kaspersky and removed more trojan infections.
7-I did an x-cleaner scan and removed some more adware.
8-I did a scan at pitstop for optimizing and it worked out fine.
9-I tried the trial version of Trojan remover and it doesn't find anything. It also scans on starup.
10-I tried Silent runners and really didn't know how to interpret it
11-I totally uninstalled Norton 2003 plus used the extra Symantec uninstaller for that version to be sure it was gone
12-I loaded Avast! and it boot scanned and found some trojans which I moved to quarantine
12-I installed Comodo FirewallThe last 3, I did them first before I went on-line for on-line scans
The only program right now that finds anything is Spybot and it is altnet in the registry. I tried many removal attempts (reboot scans because it said the file was in memory) and it would not remove.
I also tried deleting the altnet folder in the registry and it wouldn't remove.
Is there anything you might know that can help me speed this PC up a bit and maybe get rid of the altnet?
ThanksHopefully my advice will help you...Please post back with your results....thanks
Thanks for your reply, I'll have a new one in a few minutes
Hopefully my advice will help you...Please post back with your results....thanks
0 
Here it is:
JerryTTraylor - 06-12-29 16:11:27.68 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\JerryTTraylor\Desktop"((((((((((((((((((((((((((((((( Files Created from 2006-11-29 to 2006-12-29 ))))))))))))))))))))))))))))))))))
2006-12-29 13:32 163,840 --a------ C:\WINDOWS\system32\igfxres.dll
2006-12-29 13:16 <DIR> d-------- C:\Program Files\Lavalys
2006-12-29 13:05 <DIR> dr-h----- C:\Documents and Settings\JerryTTraylor\Recent
2006-12-29 13:04 <DIR> d-------- C:\Program Files\CCleaner
2006-12-29 10:50 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\gtopala
2006-12-29 01:57 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2006-12-29 01:08 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\.housecall6.6
2006-12-29 01:06 <DIR> d-------- C:\WINDOWS\Sun
2006-12-29 01:06 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Sun
2006-12-29 01:04 <DIR> d-------- C:\Program Files\Java
2006-12-29 01:02 <DIR> d-------- C:\Program Files\Common Files\Java
2006-12-29 00:08 <DIR> d-------- C:\Program Files\Unlocker
2006-12-29 00:01 <DIR> d-------- C:\Program Files\GiPo@Utilities
2006-12-29 00:01 <DIR> d-------- C:\Program Files\Common Files\Gibinsoft Shared
2006-12-28 23:29 <DIR> d-------- C:\Program Files\Microsoft Bootvis
2006-12-28 23:20 <DIR> d-------- C:\Program Files\RegScrubXP
2006-12-28 23:01 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Lavasoft
2006-12-28 21:25 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2006-12-28 21:25 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2006-12-28 21:25 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2006-12-28 21:25 <DIR> d-------- C:\Program Files\Trojan Remover
2006-12-28 21:25 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Simply Super Software
2006-12-28 21:11 <DIR> d-------- C:\WINDOWS\WBEM
2006-12-28 21:11 <DIR> d-------- C:\WINDOWS\system32\en-US
2006-12-28 21:09 <DIR> d--h-c--- C:\WINDOWS\ie7
2006-12-28 21:07 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-28 21:06 <DIR> d-------- C:\WINDOWS\network diagnostic
2006-12-28 20:29 <DIR> d-------- C:\WINDOWS\Prefetch
2006-12-28 20:17 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2006-12-28 20:17 896,512 --------- C:\WINDOWS\system32\wmspdmoe.dll
2006-12-28 20:17 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2006-12-28 20:17 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2006-12-28 20:17 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2006-12-28 20:17 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2006-12-28 20:17 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2006-12-28 20:17 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2006-12-28 20:17 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2006-12-28 20:17 78,336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-12-28 20:17 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2006-12-28 20:17 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2006-12-28 20:17 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2006-12-28 20:17 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2006-12-28 20:17 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2006-12-28 20:17 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2006-12-28 20:17 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2006-12-28 20:17 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2006-12-28 20:17 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2006-12-28 20:17 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2006-12-28 20:17 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2006-12-28 20:17 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2006-12-28 20:17 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2006-12-28 20:17 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2006-12-28 20:17 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2006-12-28 20:17 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2006-12-28 20:17 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2006-12-28 20:17 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2006-12-28 20:17 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2006-12-28 20:17 52,224 --------- C:\WINDOWS\system32\mspmsnsv.dll
2006-12-28 20:17 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2006-12-28 20:17 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2006-12-28 20:17 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2006-12-28 20:17 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2006-12-28 20:17 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2006-12-28 20:17 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2006-12-28 20:17 484,864 --------- C:\WINDOWS\system32\wmspdmod.dll
2006-12-28 20:17 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2006-12-28 20:17 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2006-12-28 20:17 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2006-12-28 20:17 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2006-12-28 20:17 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2006-12-28 20:17 44,032 --------- C:\WINDOWS\system32\twext.dll
2006-12-28 20:17 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2006-12-28 20:17 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2006-12-28 20:17 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2006-12-28 20:17 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2006-12-28 20:17 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2006-12-28 20:17 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys
2006-12-28 20:17 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2006-12-28 20:17 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2006-12-28 20:17 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2006-12-28 20:17 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll
2006-12-28 20:17 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2006-12-28 20:17 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2006-12-28 20:17 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2006-12-28 20:17 36,096 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2006-12-28 20:17 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2006-12-28 20:17 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2006-12-28 20:17 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2006-12-28 20:17 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2006-12-28 20:17 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2006-12-28 20:17 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2006-12-28 20:17 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2006-12-28 20:17 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll
2006-12-28 20:17 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2006-12-28 20:17 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2006-12-28 20:17 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2006-12-28 20:17 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2006-12-28 20:17 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2006-12-28 20:17 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2006-12-28 20:17 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2006-12-28 20:17 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2006-12-28 20:17 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2006-12-28 20:17 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2006-12-28 20:17 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2006-12-28 20:17 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2006-12-28 20:17 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2006-12-28 20:17 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2006-12-28 20:17 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2006-12-28 20:17 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2006-12-28 20:17 262,784 --------- C:\WINDOWS\system32\drivers\http.sys
2006-12-28 20:17 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2006-12-28 20:17 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2006-12-28 20:17 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2006-12-28 20:17 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2006-12-28 20:17 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2006-12-28 20:17 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2006-12-28 20:17 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-12-28 20:17 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2006-12-28 20:17 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2006-12-28 20:17 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2006-12-28 20:17 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2006-12-28 20:17 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2006-12-28 20:17 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll
2006-12-28 20:17 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2006-12-28 20:17 20,992 --------- C:\WINDOWS\system32\bthci.dll
2006-12-28 20:17 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2006-12-28 20:17 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2006-12-28 20:17 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2006-12-28 20:17 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2006-12-28 20:17 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2006-12-28 20:17 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2006-12-28 20:17 168,448 --------- C:\WINDOWS\system32\wmerror.dll
2006-12-28 20:17 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2006-12-28 20:17 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-12-28 20:17 151,552 --------- C:\WINDOWS\system32\wmidx.dll
2006-12-28 20:17 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2006-12-28 20:17 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2006-12-28 20:17 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2006-12-28 20:17 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2006-12-28 20:17 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2006-12-28 20:17 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2006-12-28 20:17 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2006-12-28 20:17 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2006-12-28 20:17 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2006-12-28 20:17 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2006-12-28 20:17 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2006-12-28 20:17 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-28 20:17 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2006-12-28 20:17 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2006-12-28 20:17 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2006-12-28 20:17 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2006-12-28 20:17 116,224 --------- C:\WINDOWS\system32\p2p.dll
2006-12-28 20:17 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2006-12-28 20:17 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2006-12-28 20:17 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2006-12-28 20:17 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2006-12-28 20:17 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2006-12-28 20:17 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2006-12-28 20:17 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2006-12-28 20:17 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2006-12-28 20:17 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2006-12-28 20:17 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2006-12-28 20:17 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2006-12-28 20:17 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2006-12-28 20:17 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2006-12-28 20:17 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2006-12-28 20:17 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2006-12-28 20:17 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2006-12-28 20:17 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2006-12-28 20:17 1,119,744 --------- C:\WINDOWS\system32\wmsdmoe2.dll
2006-12-28 20:17 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2006-12-28 20:17 1,001,472 --------- C:\WINDOWS\system32\wmvdmoe2.dll
2006-12-28 20:17 <DIR> d-------- C:\WINDOWS\provisioning
2006-12-28 20:17 <DIR> d-------- C:\WINDOWS\peernet
2006-12-28 20:12 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2006-12-28 19:58 <DIR> d-------- C:\WINDOWS\EHome
2006-12-28 19:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-28 19:31 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-12-28 19:31 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2006-12-28 19:31 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-12-28 17:13 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\DoctorWeb
2006-12-28 17:12 <DIR> d--hs---- C:\WINDOWS\CSC
2006-12-28 16:57 <DIR> d-------- C:\hijackthis
2006-12-28 15:30 <DIR> d-------- C:\Program Files\Trustix
2006-12-28 15:27 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Comodo
2006-12-28 15:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2006-12-28 15:25 69,120 --a------ C:\WINDOWS\system32\drivers\inspect.sys
2006-12-28 15:25 61,056 --a------ C:\WINDOWS\system32\drivers\cmdmon.sys
2006-12-28 15:25 <DIR> d-------- C:\Program Files\Comodo
2006-12-28 15:21 <DIR> d-------- C:\WINDOWS\pss
2006-12-28 15:20 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-28 15:18 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-12-28 14:54 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-12-28 14:54 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-28 14:54 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-28 14:54 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-12-28 14:54 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2006-12-28 14:54 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-12-28 14:54 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2006-12-28 14:54 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-12-28 14:54 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-12-28 14:54 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-12-28 14:54 <DIR> d-------- C:\Program Files\Alwil Software
2006-12-28 14:17 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-29 13:52 -------- d-------- C:\Program Files\Oberon Media
2006-12-29 13:52 -------- d-------- C:\Program Files\Common Files
2006-12-29 01:12 -------- d-------- C:\Program Files\Internet Explorer
2006-12-28 23:29 -------- d---s---- C:\Documents and Settings\JerryTTraylor\Application Data\Microsoft
2006-12-28 23:01 -------- d-------- C:\Program Files\Lavasoft
2006-12-28 21:13 -------- d-------- C:\Program Files\Outlook Express
2006-12-28 21:13 -------- d-------- C:\Program Files\Common Files\System
2006-12-28 20:58 -------- d-------- C:\Program Files\Windows Media Player
2006-12-28 20:53 -------- d-------- C:\Program Files\Messenger
2006-12-28 20:17 -------- d-------- C:\Program Files\Movie Maker
2006-12-28 20:12 -------- d-------- C:\Program Files\NetMeeting
2006-12-28 20:11 -------- d-------- C:\Program Files\Windows NT
2006-12-28 17:46 -------- d-------- C:\Program Files\hbinst
2006-12-28 17:46 -------- d-------- C:\Program Files\Copy of AdDestroyer
2006-12-28 16:04 -------- d-------- C:\Program Files\MyWay
2006-12-28 16:03 -------- d-------- C:\Program Files\Free Offers from Freeze.com
2006-12-07 17:02 2174976 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-07 23:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-19 07:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 06:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 06:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 06:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Comodo Firewall"="\"C:\\Program Files\\Comodo\\Firewall\\CPF.exe\" /background"
"UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,3a,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,\
00,00,01,00,00,00[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 2000 Series.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\hp psc 2000 Series.lnk"
"backup"="C:\\WINDOWS\\pss\\hp psc 2000 Series.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpobnz08.exe "
"item"="hp psc 2000 Series"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\hpoddt01.exe.lnk"
"backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe "
"item"="hpoddt01.exe"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.exe -b -l"
"item"="Microsoft Office"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Verizon Online Support Center.lnk"
"backup"="C:\\WINDOWS\\pss\\Verizon Online Support Center.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\VERIZO~1\\SUPPOR~1\\bin\\matcli.exe -boot"
"item"="Verizon Online Support Center"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^JerryTTraylor^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
"path"="C:\\Documents and Settings\\JerryTTraylor\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"backup"="C:\\WINDOWS\\pss\\PowerReg Scheduler.exeStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\JerryTTraylor\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"item"="PowerReg Scheduler"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADKQXDKR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ADKQXDKR"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\ADKQXDKR.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hkcmd"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\hkcmd.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxtray.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IOV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IOV"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\IOV.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightLAN 01]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IPClient"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Verizon Online\\DSL 4.0\\IP InSight\\IPClient.exe\" -l"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightMonitor 01]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IPMon32"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Verizon Online\\DSL 4.0\\IP InSight\\IPMon32.exe\""
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KHost"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\kdx\\KHost.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MotiveSB"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\VERIZO~1\\SUPPOR~1\\SMARTB~1\\MotiveSB.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qlanel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qlanel"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\qlanel.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Trjscan"
"hkey"="HKLM"
"command"="C:\\Program Files\\Trojan Remover\\Trjscan.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WeatherOnTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hotbar\\bin\\4.4.6.0\\WeatherOnTray.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ypager"
"hkey"="HKCU"
"command"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"inimapping"="0"[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1097348540.jobCompletion time: 06-12-29 16:13:02.45
C:\ComboFix.txt ... 06-12-29 16:13
C:\ComboFix2.txt ... 06-12-29 14:34
Hopefully my advice will help you...Please post back with your results....thanks
0
Delete these folders, they are rogues, look in add/remove programs and uninstall if present:
C:\Program Files\Copy of AdDestroyer
C:\Program Files\MyWay
C:\Program Files\Free Offers from Freeze.com
Open notepad (Start Menu > Run > Type notepad and press "ok".
Copy and paste everything into notepad between the x's making regedit4 the top line.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADKQXDKR]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qlanel]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXGo to File on the top bar and choose" Save As", Change the "Save As Type" to All Files, Name it Fix.reg then save it to your desktop.
Double click Fix.reg (or right click and choose Merge) and it will ask if you want to merge the contents into the registry, choose Yes.
See if Spybot pick it up now, if it does see if you can get the registry path out of spybot.
0
If Spybot identifies the registry key as HKEY-LOCAL-MACHINE/Software/Altnet boot he computer into safe mode and run Spybot from safe mode.
0
Hi Jabuck, I've made all the changes and am running the scan now. I have to go to work till 12am....it's 5:50pm right now. So if the scan isn't done before I leave, I'll post it as soon as I get home,
Thanks for your great knowledge!Hopefully my advice will help you...Please post back with your results....thanks
0
Hi, I finished running safemode scan (regular mode just asked me to run a scan on reboot) and still altnet won't delete (same message). Also when it rebooted, my colors got real pale.
Any other suggestions?
Thanks for your helpHopefully my advice will help you...Please post back with your results....thanks
0
Dont mean to interfere with this post but here are some Altnet Removal Instructions that may help
" Please Post back to let us know if we helped "
0
Delete the regisitry key listed in Bob's post. Be sure to reboot after you delete the keys.
0
Thanks for the info Bob, but when I went down the list.
This one entry was missing:HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\App Management\\ARPCache\\AltnetDM]
The AltnetDM
So that stopped that idea right there.....so I'm still stuck
Hopefully my advice will help you...Please post back with your results....thanks
0
Also have you turned off your system restore ? then back on ? some of these nastys like to embed themselves into there
" Please Post back to let us know if we helped "
0
Here is a link to Geeks To Go that has resolved the issue which may also assist you
" Please Post back to let us know if we helped "
0
Yes Bob, thanks, I did the system restore thing and I tried that link.
Still no success....Jabuck? Any more ideas?Hopefully my advice will help you...Please post back with your results....thanks
0
I also found a zip file called altnet.zip, I ran the bat file and it was supposed to allow me to get permissions to delete the altnet folder....still didn't work
Hopefully my advice will help you...Please post back with your results....thanks
0
Here's the Hijackthis Log
Logfile of HijackThis v1.99.1
Scan saved at 4:02:29 PM, on 12/30/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP1 (7.00.5730.0011)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\hijackthis\hijackthis\scanner.exe.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/gam...
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/gam...
O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yo...
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/gam...
O16 - DPF: Yahoo! MahJong - http://download.games.yahoo.com/gam...
O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/gam...
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/...
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xcle...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/res...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1....
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - file://D:\Bin\html\files\MotivePreQual.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeHopefully my advice will help you...Please post back with your results....thanks
0
Here's the combo fix Log:
JerryTTraylor - 06-12-30 16:04:26.21 Service Pack 1
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\JerryTTraylor\Desktop"((((((((((((((((((((((((((((((( Files Created from 2006-11-30 to 2006-12-30 ))))))))))))))))))))))))))))))))))
2006-12-29 13:32 163,840 --a------ C:\WINDOWS\system32\igfxres.dll
2006-12-29 13:16 <DIR> d-------- C:\Program Files\Lavalys
2006-12-29 13:05 <DIR> dr-h----- C:\Documents and Settings\JerryTTraylor\Recent
2006-12-29 13:04 <DIR> d-------- C:\Program Files\CCleaner
2006-12-29 10:50 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\gtopala
2006-12-29 01:57 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2006-12-29 01:08 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\.housecall6.6
2006-12-29 01:06 <DIR> d-------- C:\WINDOWS\Sun
2006-12-29 01:06 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Sun
2006-12-29 01:04 <DIR> d-------- C:\Program Files\Java
2006-12-29 01:02 <DIR> d-------- C:\Program Files\Common Files\Java
2006-12-29 00:08 <DIR> d-------- C:\Program Files\Unlocker
2006-12-29 00:01 <DIR> d-------- C:\Program Files\GiPo@Utilities
2006-12-29 00:01 <DIR> d-------- C:\Program Files\Common Files\Gibinsoft Shared
2006-12-28 23:29 <DIR> d-------- C:\Program Files\Microsoft Bootvis
2006-12-28 23:20 <DIR> d-------- C:\Program Files\RegScrubXP
2006-12-28 23:01 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Lavasoft
2006-12-28 21:25 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2006-12-28 21:25 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2006-12-28 21:25 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2006-12-28 21:25 <DIR> d-------- C:\Program Files\Trojan Remover
2006-12-28 21:25 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Simply Super Software
2006-12-28 21:11 <DIR> d-------- C:\WINDOWS\WBEM
2006-12-28 21:11 <DIR> d-------- C:\WINDOWS\system32\en-US
2006-12-28 21:09 <DIR> d--h-c--- C:\WINDOWS\ie7
2006-12-28 21:07 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-12-28 21:06 <DIR> d-------- C:\WINDOWS\network diagnostic
2006-12-28 20:29 <DIR> d-------- C:\WINDOWS\Prefetch
2006-12-28 20:17 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2006-12-28 20:17 896,512 --------- C:\WINDOWS\system32\wmspdmoe.dll
2006-12-28 20:17 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2006-12-28 20:17 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2006-12-28 20:17 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2006-12-28 20:17 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2006-12-28 20:17 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2006-12-28 20:17 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2006-12-28 20:17 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2006-12-28 20:17 78,336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-12-28 20:17 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2006-12-28 20:17 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2006-12-28 20:17 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2006-12-28 20:17 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2006-12-28 20:17 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2006-12-28 20:17 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2006-12-28 20:17 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2006-12-28 20:17 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2006-12-28 20:17 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2006-12-28 20:17 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2006-12-28 20:17 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2006-12-28 20:17 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2006-12-28 20:17 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2006-12-28 20:17 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2006-12-28 20:17 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2006-12-28 20:17 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2006-12-28 20:17 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2006-12-28 20:17 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2006-12-28 20:17 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2006-12-28 20:17 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2006-12-28 20:17 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2006-12-28 20:17 52,224 --------- C:\WINDOWS\system32\mspmsnsv.dll
2006-12-28 20:17 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2006-12-28 20:17 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2006-12-28 20:17 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2006-12-28 20:17 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2006-12-28 20:17 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2006-12-28 20:17 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2006-12-28 20:17 484,864 --------- C:\WINDOWS\system32\wmspdmod.dll
2006-12-28 20:17 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2006-12-28 20:17 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2006-12-28 20:17 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2006-12-28 20:17 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2006-12-28 20:17 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2006-12-28 20:17 44,032 --------- C:\WINDOWS\system32\twext.dll
2006-12-28 20:17 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2006-12-28 20:17 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2006-12-28 20:17 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2006-12-28 20:17 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2006-12-28 20:17 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2006-12-28 20:17 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys
2006-12-28 20:17 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2006-12-28 20:17 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2006-12-28 20:17 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2006-12-28 20:17 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll
2006-12-28 20:17 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2006-12-28 20:17 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2006-12-28 20:17 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2006-12-28 20:17 36,096 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2006-12-28 20:17 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2006-12-28 20:17 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2006-12-28 20:17 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2006-12-28 20:17 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2006-12-28 20:17 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2006-12-28 20:17 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2006-12-28 20:17 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2006-12-28 20:17 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll
2006-12-28 20:17 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2006-12-28 20:17 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2006-12-28 20:17 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2006-12-28 20:17 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2006-12-28 20:17 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2006-12-28 20:17 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2006-12-28 20:17 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2006-12-28 20:17 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2006-12-28 20:17 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2006-12-28 20:17 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2006-12-28 20:17 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2006-12-28 20:17 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2006-12-28 20:17 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2006-12-28 20:17 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2006-12-28 20:17 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2006-12-28 20:17 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2006-12-28 20:17 262,784 --------- C:\WINDOWS\system32\drivers\http.sys
2006-12-28 20:17 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2006-12-28 20:17 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2006-12-28 20:17 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2006-12-28 20:17 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2006-12-28 20:17 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2006-12-28 20:17 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2006-12-28 20:17 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-12-28 20:17 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2006-12-28 20:17 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2006-12-28 20:17 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2006-12-28 20:17 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2006-12-28 20:17 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2006-12-28 20:17 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll
2006-12-28 20:17 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2006-12-28 20:17 20,992 --------- C:\WINDOWS\system32\bthci.dll
2006-12-28 20:17 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2006-12-28 20:17 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2006-12-28 20:17 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2006-12-28 20:17 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2006-12-28 20:17 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2006-12-28 20:17 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2006-12-28 20:17 168,448 --------- C:\WINDOWS\system32\wmerror.dll
2006-12-28 20:17 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2006-12-28 20:17 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-12-28 20:17 151,552 --------- C:\WINDOWS\system32\wmidx.dll
2006-12-28 20:17 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2006-12-28 20:17 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2006-12-28 20:17 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2006-12-28 20:17 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2006-12-28 20:17 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2006-12-28 20:17 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2006-12-28 20:17 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2006-12-28 20:17 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2006-12-28 20:17 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2006-12-28 20:17 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2006-12-28 20:17 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2006-12-28 20:17 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2006-12-28 20:17 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-28 20:17 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2006-12-28 20:17 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2006-12-28 20:17 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2006-12-28 20:17 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2006-12-28 20:17 116,224 --------- C:\WINDOWS\system32\p2p.dll
2006-12-28 20:17 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2006-12-28 20:17 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2006-12-28 20:17 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2006-12-28 20:17 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2006-12-28 20:17 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2006-12-28 20:17 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2006-12-28 20:17 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2006-12-28 20:17 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2006-12-28 20:17 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2006-12-28 20:17 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2006-12-28 20:17 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2006-12-28 20:17 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2006-12-28 20:17 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2006-12-28 20:17 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2006-12-28 20:17 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2006-12-28 20:17 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2006-12-28 20:17 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2006-12-28 20:17 1,119,744 --------- C:\WINDOWS\system32\wmsdmoe2.dll
2006-12-28 20:17 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2006-12-28 20:17 1,001,472 --------- C:\WINDOWS\system32\wmvdmoe2.dll
2006-12-28 20:17 <DIR> d-------- C:\WINDOWS\provisioning
2006-12-28 20:17 <DIR> d-------- C:\WINDOWS\peernet
2006-12-28 20:12 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2006-12-28 19:58 <DIR> d-------- C:\WINDOWS\EHome
2006-12-28 19:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-12-28 19:31 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-12-28 19:31 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2006-12-28 19:31 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-12-28 17:13 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\DoctorWeb
2006-12-28 17:12 <DIR> d--hs---- C:\WINDOWS\CSC
2006-12-28 16:57 <DIR> d-------- C:\hijackthis
2006-12-28 15:30 <DIR> d-------- C:\Program Files\Trustix
2006-12-28 15:27 <DIR> d-------- C:\Documents and Settings\JerryTTraylor\Application Data\Comodo
2006-12-28 15:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2006-12-28 15:25 69,120 --a------ C:\WINDOWS\system32\drivers\inspect.sys
2006-12-28 15:25 61,056 --a------ C:\WINDOWS\system32\drivers\cmdmon.sys
2006-12-28 15:25 <DIR> d-------- C:\Program Files\Comodo
2006-12-28 15:21 <DIR> d-------- C:\WINDOWS\pss
2006-12-28 15:20 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-28 15:18 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-12-28 14:54 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-12-28 14:54 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-28 14:54 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-28 14:54 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-12-28 14:54 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2006-12-28 14:54 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-12-28 14:54 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2006-12-28 14:54 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-12-28 14:54 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-12-28 14:54 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-12-28 14:54 <DIR> d-------- C:\Program Files\Alwil Software
2006-12-28 14:17 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-30 10:19 -------- d---s---- C:\Documents and Settings\JerryTTraylor\Application Data\Microsoft
2006-12-29 13:52 -------- d-------- C:\Program Files\Oberon Media
2006-12-29 13:52 -------- d-------- C:\Program Files\Common Files
2006-12-29 01:12 -------- d-------- C:\Program Files\Internet Explorer
2006-12-28 23:01 -------- d-------- C:\Program Files\Lavasoft
2006-12-28 21:13 -------- d-------- C:\Program Files\Outlook Express
2006-12-28 21:13 -------- d-------- C:\Program Files\Common Files\System
2006-12-28 20:58 -------- d-------- C:\Program Files\Windows Media Player
2006-12-28 20:53 -------- d-------- C:\Program Files\Messenger
2006-12-28 20:17 -------- d-------- C:\Program Files\Movie Maker
2006-12-28 20:12 -------- d-------- C:\Program Files\NetMeeting
2006-12-28 20:11 -------- d-------- C:\Program Files\Windows NT
2006-12-28 17:46 -------- d-------- C:\Program Files\hbinst
2006-12-07 17:02 2174976 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-07 23:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-19 07:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 06:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 06:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 06:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Comodo Firewall"="\"C:\\Program Files\\Comodo\\Firewall\\CPF.exe\" /background"
"UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,da,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,\
00,00,01,00,00,00[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 2000 Series.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\hp psc 2000 Series.lnk"
"backup"="C:\\WINDOWS\\pss\\hp psc 2000 Series.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpobnz08.exe "
"item"="hp psc 2000 Series"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\hpoddt01.exe.lnk"
"backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe "
"item"="hpoddt01.exe"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.exe -b -l"
"item"="Microsoft Office"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Verizon Online Support Center.lnk"
"backup"="C:\\WINDOWS\\pss\\Verizon Online Support Center.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\VERIZO~1\\SUPPOR~1\\bin\\matcli.exe -boot"
"item"="Verizon Online Support Center"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^JerryTTraylor^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
"path"="C:\\Documents and Settings\\JerryTTraylor\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"backup"="C:\\WINDOWS\\pss\\PowerReg Scheduler.exeStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\JerryTTraylor\\Start Menu\\Programs\\Startup\\PowerReg Scheduler.exe"
"item"="PowerReg Scheduler"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADKQXDKR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ADKQXDKR"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\ADKQXDKR.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hkcmd"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\hkcmd.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxtray.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IOV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IOV"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\IOV.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightLAN 01]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IPClient"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Verizon Online\\DSL 4.0\\IP InSight\\IPClient.exe\" -l"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPInSightMonitor 01]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IPMon32"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Verizon Online\\DSL 4.0\\IP InSight\\IPMon32.exe\""
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KHost"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\kdx\\KHost.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MotiveSB"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\VERIZO~1\\SUPPOR~1\\SMARTB~1\\MotiveSB.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qlanel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qlanel"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\qlanel.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Trjscan"
"hkey"="HKLM"
"command"="C:\\Program Files\\Trojan Remover\\Trjscan.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WeatherOnTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hotbar\\bin\\4.4.6.0\\WeatherOnTray.exe"
"inimapping"="0"[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ypager"
"hkey"="HKCU"
"command"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"inimapping"="0"[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1097348540.jobCompletion time: 06-12-30 16:05:57.26
C:\ComboFix.txt ... 06-12-30 16:05
C:\ComboFix2.txt ... 06-12-29 16:13
C:\ComboFix3.txt ... 06-12-29 14:34
Hopefully my advice will help you...Please post back with your results....thanks
0
Before we get in to deep check for a realtime protection tool. I don't see any running but if Spybot's "tea timer" is running it can reinstall items that have been cleaned as any other real time protection can. Temporarily disable any of the following anti-spyware realtime protection programs that you may have Temporarily Disable Realtime Protection then try to delete the registry entry.
I have not ran across a quarantined file causing this but I suppose it could so empty any cleanup tool quarantine folders in Dr. Web Cureit, Trojan Remover, or any other ones.
I see you ran regscrubxp, would it not delete the key, it could be a permission problem? Have you tried booting into safe mode from both Administrator and Owner and deleting the keys from there?
0
Hi Jabuck,
I don't have any real-time scanners working now, I disabled Trojan Remover a few days ago. I don't use Tea Timer.
Yes, I did try removing in both normal and safe mode as administrator.Funny thing is, I just had the SP2 waiting to be downloaded ( the icon near the clock that says click here to install the up-dates.) I turned off automatically download updates for now notification.
I checked my add/remove and all the SP2 components are already installed?
I had SP2 installed via the MS disc Service Pack 2 for XP?
Hopefully my advice will help you...Please post back with your results....thanks
0
Some of the newer machines probably have xp sp2 installed already but will still need to be updated.
Did you try to remove it with the registry toll regscubxp?
0
Hi, no, I didn't remove it, it used to be XP Pro SP1 and I updated it to SP2.
RegScrubXP (as far as I know) just finds like missing files and such that don't exist and that's why I clean them out. That's the only feature I use on it.
Do you think that I should remove SP2 from my add/remove programs and then re-install it again from the updates? I'm a little confused at this minute.
Also in response #7 I had mentioned that the screen was washed out....what had happened was that it reverted out of the windows XP setting, so I reset it and that's fine.
Anything else we can try to get rid of altnet?
Thanks
Hopefully my advice will help you...Please post back with your results....thanks
0
Hmmmm....I didn't know there was an option on regscrubXp for removing certain keys?
Hopefully my advice will help you...Please post back with your results....thanks
0
I don't know either as I don't use that one.
Download and install registrar Lite. Free Trial at the bottom of the page.
Run it. Click the Search Menu item. In the "Text to Search for" box, type in altnet. In the "Search In" box, make sure Registry is selected from the drop down menu. Click the magnifying glass icon in the lower left corner to commence the search. Delete anything that is found by highligting it and pressing the red "X".
0
Hi, I tried the program as you said, but you have to purchase the software to access removal.
Hopefully my advice will help you...Please post back with your results....thanks
0
Hi everybody & a Happy New Year.
RegSeeker
http://www.hoverdesk.net/freeware.htm
RegSeeker is a perfect companion for your Windows registry!
RegSeeker includes a powerful registry cleaner and can display various informations like your startup entries, several histories (even index.dat files), installed applications and much more! With RegSeeker you can search for any item inside your registry, export/delete the results, open them in the registry. RegSeeker also includes a tweaks panel to optimize your OS! RegSeeker is FREE for personal use only! 95/98/NT4/ME/2000/XP/2003
My personal use, is to use it this way & delete only the Green entries.
1: Click on > Clean the registry.
2: Click on OK.
3: When searching is finished, click on > Select All & choose > Select all Green items.
4: Right click on any Green item & click on > Delete selected items.
RegSeeker is also very good for registry searching, click on > Find in registry, tick all the boxes in > Keys, put a word ( example altnet ) in > Search for: & click > Search. Now you have a list on one page, of all the registry entries for altnet.
0
Hi John, thanks for the link. I found all the altnet entries and deleted them, they came back on reboot? This is a stubborn one I'd say!
Hopefully my advice will help you...Please post back with your results....thanks
0
I just found this link on the net and will try to make the bootable CD
ftp://ftp.wizardnco.com/pub/Docs/RemoveAltnet/removealtnet.htm
I'll post back if it worksHopefully my advice will help you...Please post back with your results....thanks
0
Just downloaded the program as I thought my older version may be different. Added several new registy keys to my registry. And was able to delete them with no problem with the newer Registrar Lite.
It is a little different than the older versioin. Once you find the altnet keys copy or write them down x off of that screen. Then click the green cube to navigate to the keys>double click them to get them in the right pane then click to highlight>click the red X.
0
Hi Jabuck,
I did as you said and got to delete the keys, but the folders wouldn't delete (access denied) but when I rebooted, the entries were still in there? STUBBORN!!!Hopefully my advice will help you...Please post back with your results....thanks
0
How can I get rid of "Altnet"?
http://www.spywareremove.com/remove...
Your best defense to remove Altnet, or any other spyware, is to quickly detect and delete Altnet processes, registry keys, DLL files, and other hazardous Altnet files from your computer. Click here to manually uninstall Altnet using "Add/Remove Programs" in your PC.
Remove Altnet Manually
Note: This manual removal process is difficult and you run the risk of destroying your computer. We recommend that you use the automatic removal process.
Remove Altnet processes:
altnetuninstall.exe
adm.exe
setup.exe
adm4005.exe
asm.exe
asmend.exe
Remove Altnet registry values:
6ad2f325-2f86-473e-908f-9d4d30698a62
99A8E2B2-3405-4C0D-9110-131C14CAAF62
8B0FEF15-54DC-49F5-8377-8172DE975F75
1D3BCE37-7834-4579-8169-E67681420A98
DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2
C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D
3f4d4f88-0198-4921-b630-957f3eb814e0
3646C2BD-3554-49CA-8125-44DEEFB881DE
E813099D-5529-47F4-9B37-4AFAFCB00A43
9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8
bff4f684-677e-44f4-8c74-1d575c950e10
5830698f-7fc0-40cd-a453-9a0cafdf3a64
676f6d1d-c559-42a9-860b-27c1477b7179
Unregister Altnet DLL files:
adm25.dll
adm4.dll
admdata.dll
admdloader.dll
admfdi.dll
admprog.dll
atl.dll
Detect and Delete these Altnet files:
altnetuninstall.exe
adm.exe
setup.exe
adm4005.exe
asm.exe
asmend.exe
adm25.dll
adm4.dll
admdata.dll
admdloader.dll
admfdi.dll
admprog.dll
atl.dll
asmfiles.cab
dmfiles.cab
dminstall7.cab
mysearch.cab
peerpointsmanager.lnk
dmsetup.bmp
dmsetupbig.bmp
jslegals.txt
selectdir.txt
altnet.css
local_redeem.html
local_start.html
local_wallet.html
Our Recommendation:
To avoid the unnecessary risk of damaging your computer, we highly recommend you use a good spyware cleaner/remover to track Altnet and automatically find and remove other spyware, adware, trojans, and viruses in your PC.
Altnet Automatic Remover:
Download Altnet RemoverDownload Altnet remover software.
http://www.spywareremove.com/Spywar...
0
"Download Altnet RemoverDownload Altnet remover software.
http://www.spywareremove.com/Spywar...Just downloaded it & they recommend using because they get a sale.
Now you have all the file names, manual deletion with either RegSeeker or registrar Lite will be quite easy.
0
John, that was SpyHunter and you have to pay for the program to remove alnet
Hopefully my advice will help you...Please post back with your results....thanks
0
sorry John, I guess I was posting as you were. I already have the names of the files using registrar lite. I did some screenshots of them.
I haven't mastered making a BartPE boot disc...I can't get it to boot from the CD, I must be doing something wrong I guess using response #28
Hopefully my advice will help you...Please post back with your results....thanks
0
"I haven't mastered making a BartPE boot disc...I can't get it to boot from the CD, I must be doing something wrong I guess using response #28"
I had a look at that & that's why I did Response Number 31, just in case, you could'nt figure it out.
0
Response Number 31
Unregister Altnet DLL files:You may not know how to do the above, here is how.
Start > Run, copy & paste the info below, example
regsvr32 /u adm25.dll & hit Enter.
Now do the next dll in that group.
0
Thanks John, I could only find one file and I unregistered it.
I also did some searches on the numbered registry values and deleted the few I found. I rebooted and returned to regular mode and it was still there!!! What a hair-puller!Hopefully my advice will help you...Please post back with your results....thanks
0
Got to go out now XpUser4Real, are you copying & pasting everything ( particularly the registry entries ) into your searches. Doing that way, eliminates any typo's.
0
" I found all the altnet entries and deleted them, they came back on reboot?
Did you turn off system restore and try removing them in SAFE Mode?
Also have you tried MOVE ON BOOT" Please Post back to let us know if we helped "
0
Other posts say SuperShell is effective for this altnet
" Please Post back to let us know if we helped "
0
Hi, thanks Bob for the links. I finally made a Bart PE boot disc and it removed the Altnet folders...BUT, now I can't boot up back into windows in any mode. I think I can reverse the procedure. I'll post back.
Hopefully my advice will help you...Please post back with your results....thanks
0
Oh well, I finally gave up on this cleaning, so I decided to reformat and do a fresh install.
Thanks everyone for your help!
Happy HolidaysHopefully my advice will help you...Please post back with your results....thanks
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
