Once again I've got spyware!

Original Message
Name: Nick_Relf
Date: October 11, 2004 at 02:17:51 Pacific
Subject: Once again I've got spyware!
OS: ME
CPU/Ram: 256Mb
Comment:
Ok here it goes. I have 2 problems.

1. Every now and then, about once every 2 mins, a blank website comes up with the address in the title bar,

"http://www.ad-w-a-r-e.com/callback_ron.php?GUID={C1000E9F-F9A1-4196-AB7C-7535D45CF487}&country=GB&type=".

There's nothing to it, just a blank webpage with that address in and this text (but changes every time it seems),

"sendExternalEvent('EVENT:IEBROWSER:www.automotive.com/redir/newcar.asp?src_id=2193&kw_camp=ron');".

2. Ok this problem may be a bit simpler. When a non-existent url is entered, I get the Page Cannot Be Displayed page, but then it automatically jumps to "http://www.spotresults.com/dns.php?url=MYSITE".

How can I clean these as they are really irritating. I've done the usual Spybot, HJT and Ad-Aware but to no avail. I cannot seem to be able to get rid of these.

Does anyone have any bright ideas??

Thanks a lot in advance :)




Response Number 1
Name: Viking
Date: October 11, 2004 at 03:12:25 Pacific
Subject: Once again I've got spyware!
Reply:
Run HijackThis 1.98.2, make sure it's installed in your program files. Run it and post a log.

Also make sure you're fully up to date with Ad-Aware SE and Spybot S&D and download and install SpywareBlaster 3.2, if you haven't already got it.

Download and run CWShredder 1.59.1 too, if you haven't already used that.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 2
Name: Nick_Relf
Date: October 11, 2004 at 03:38:41 Pacific
Subject: Once again I've got spyware!
Reply:
Logfile of HijackThis v1.98.2
Scan saved at 11:39:53, on 11/10/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MESSENGER PLUS! 3\MSGPLUS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PQSC\PROGRAM\SCTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\HPZTSB05.EXE
C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
C:\WINDOWS\UPDATETC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.btinternet.com:8080
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 ieautosearch
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [tpcupdater] C:\WINDOWS\UPDATETC.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

I'm currently in the process of doing the other things you said. Please bear with me.

Thanks for your help.

Nick



Response Number 3
Name: Viking
Date: October 11, 2004 at 03:55:02 Pacific
Subject: Once again I've got spyware!
Reply:
Ok, boot into safe mode and open up HJT and stick a checkmark next to these ...

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.btinternet.com:8080

O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 ieautosearch

and remove.

Reboot machine. Problem should be gone. Post new log file, specifying that the problem has, or has not, been resolved.

Make sure you have spywareblaster 3.2 installed from now on. Keep everything up to date.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 4
Name: Nick_Relf
Date: October 11, 2004 at 05:51:24 Pacific
Subject: Once again I've got spyware!
Reply:
Ok here's the new log. The problems seem to have gone but an 888.com pop-up keeps appearing.

Logfile of HijackThis v1.98.2
Scan saved at 13:50:51, on 11/10/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Thanks a lot.
Nick
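
Added example (not part of the original thread): a short Python script that parses HijackThis entries, groups the O1 Hosts lines by the address they point to, and diffs two logs to show which entries disappeared or appeared between scans. The inputs are excerpts of the logs posted in Responses 2 and 4; the function names are illustrative.

```python
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted in Response 2 (before the fix).
LOG_BEFORE = r"""
Logfile of HijackThis v1.98.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.btinternet.com:8080
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 ieautosearch
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [tpcupdater] C:\WINDOWS\UPDATETC.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
"""

# Excerpt of the HijackThis log posted in Response 4 (after the fix).
LOG_AFTER = r"""
Logfile of HijackThis v1.98.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
"""

# A HijackThis entry is a section code (R0, R1, O1, O4, ...) followed by " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")


def parse_entries(log_text):
    """Return [(section, detail), ...]; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries


def hosts_redirects(entries):
    """Group O1 hosts-file entries by target address: {ip: [hostname, ...]}."""
    by_ip = defaultdict(list)
    for section, detail in entries:
        if section == "O1" and detail.startswith("Hosts:"):
            parts = detail[len("Hosts:"):].split()
            if len(parts) >= 2:
                by_ip[parts[0]].extend(parts[1:])
    return dict(by_ip)


def shared_ip_redirects(by_ip, min_hosts=2):
    """Keep only addresses that several hostnames were pointed at."""
    return {ip: hosts for ip, hosts in by_ip.items() if len(hosts) >= min_hosts}


def diff_logs(before, after):
    """Return (removed, added) entries between two parsed logs, order kept."""
    before_set, after_set = set(before), set(after)
    removed = [e for e in before if e not in after_set]
    added = [e for e in after if e not in before_set]
    return removed, added


if __name__ == "__main__":
    before = parse_entries(LOG_BEFORE)
    after = parse_entries(LOG_AFTER)

    for ip, hosts in shared_ip_redirects(hosts_redirects(before)).items():
        print(f"hosts file points {len(hosts)} names at {ip}: {', '.join(hosts)}")

    removed, added = diff_logs(before, after)
    for section, detail in removed:
        print(f"- {section} {detail}")
    for section, detail in added:
        print(f"+ {section} {detail}")
```

An entry showing up as removed or added only means the two scans differ; which programs were running when each log was taken also changes the result.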



Response Number 5
Name: Viking
Date: October 11, 2004 at 06:30:15 Pacific
Subject: Once again I've got spyware!
Reply:
Ok, quickly boot back into safe mode and open HJT up, save a log file, save it to the desktop.

Boot back into Windows and post that log file.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk




Response Number 6
Name: Nick_Relf
Date: October 11, 2004 at 14:56:23 Pacific
Subject: Once again I've got spyware!
Reply:
Ok here it is. By the way...problem number (1) and (2) still exist :( but the 888.com one has gone:)

Logfile of HijackThis v1.98.2
Scan saved at 22:54:24, on 11/10/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\SCTRAY.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

Thanks a lot:)

Nick



Response Number 7
Name: Viking
Date: October 11, 2004 at 15:29:32 Pacific
Subject: Once again I've got spyware!
Reply:
Then I suggest you do a full system online virus scan along with a Trojan scan. Because your log is clean and there's nothing left to remove ;)

I would seriously look at what you have installed on your computer too and fine tooth comb it using Google. If you can't account for everything installed in Add and Remove Programs and everything in your program files, then you need to be asking questions about it.

Do all that first before you turn in one last log file.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 8
Name: Abnormal
Date: October 12, 2004 at 00:38:58 Pacific
Subject: Once again I've got spyware!
Reply:
One more thing you can try, let us know
if it helped.

VX2 Cleaner
an Ad-Aware add on

http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml




Response Number 9
Name: Viking
Date: October 12, 2004 at 01:08:24 Pacific
Subject: Once again I've got spyware!
Reply:
:) LOL. D'ya know what? I deliberately left the VX2 Cleaner out of it because I just couldn't see any VX2 connection.

But Abnormal's right. It's last chance saloon, so you might as well download and install it, but get it from the Lavasoft support forums, I know it's the latest and works properly with Ad-Aware SE 1.05.

There have been (were) reported problems between two versions of the VX2 plugins that were available from either site. The old plugin didn't play nice with the new Ad-Aware SE, consequently didn't work at all or failed to work correctly sometimes.

Read the page too, tells you how to use.

Like I said, I know this one works properly from this link ...

Lavasoft support forums -- Add Ons -- VX2 Cleaner


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 10
Name: Viking
Date: October 12, 2004 at 01:46:50 Pacific
Subject: Once again I've got spyware!
Reply:
Actually Nick, I can't remember if I made you install it the last time we went through this. So check you don't already have it. Look in the "Add-Ons" bit of the program.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 11
Name: Nick_Relf
Date: October 12, 2004 at 03:37:07 Pacific
Subject: Once again I've got spyware!
Reply:
Sorry, confession time. I did use it last time, but removed it :(( Sorry. I'll install it again. Do I need to keep it?

One small thing, when using ad-aware, it brings up this VX2 program as a problem? Why's this?

I ran VX2, rebooted, scanned computer, rebooted, scanned computer again and it found 71 critical objects (all except one - a hijacker - were VX2). Why is this? Should I just ignore the VX2 problems or are they not actually problems?

I've saved a log of the scan if you're interested. Here it is:


Ad-Aware SE Build 1.05
Logfile Created on:12 October 2004 11:21:55
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R11 07.10.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):2 total references
Alexa(TAC index:5):1 total references
Hijacker.TopConverting(TAC index:5):9 total references
MRU List(TAC index:0):28 total references
NavExcel(TAC index:5):3 total references
Tracking Cookie(TAC index:3):4 total references
WinAD(TAC index:7):1 total references
VX2(TAC index:10):54 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


12-10-2004 11:21:55 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\new from existing document\file name mru
Description : list of "new from existing document" files used by microsoft word


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : .DEFAULT\software\smartftp\connection data
Description : list of recently accessed servers using smartftp


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\clip organizer\search\last query
Description : last query in microsoft clip organizer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4291781175
Threads : 4
Priority : High
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright (C) Microsoft Corp. 1991-2000
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294943959
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294952155
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : mmtask.tsk

#:4 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294954727
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
OriginalFilename : MPREXE.EXE

#:5 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294852491
Threads : 2
Priority : Normal
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 2000
OriginalFilename : mstask.exe

#:6 [MSGPLUS.EXE]
FilePath : C:\PROGRAM FILES\MESSENGER PLUS! 3\
ProcessID : 4294860767
Threads : 1
Priority : Normal


#:7 [SSDPSRV.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294840587
Threads : 5
Priority : Normal
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : ssdpsrv.exe

#:8 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294840971
Threads : 18
Priority : Normal
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : EXPLORER.EXE

#:9 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294772371
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright (C) Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE

#:10 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294810391
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
OriginalFilename : SYSTRAY.EXE

#:11 [SCTRAY.EXE]
FilePath : C:\PQSC\PROGRAM\
ProcessID : 4294719411
Threads : 2
Priority : Normal


#:12 [LOADQM.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294706819
Threads : 3
Priority : Normal
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
ProductName : QMgr Loader
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : LOADQM.EXE

#:13 [HPZTSB05.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294713851
Threads : 1
Priority : Normal
FileVersion : 2,121,0,0
ProductVersion : 2,121,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2002

#:14 [DRAGDIAG.EXE]
FilePath : C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\
ProcessID : 4294717103
Threads : 2
Priority : Normal
FileVersion : 301.0.0.12
ProductVersion : 301.0.0.12
ProductName : SpeedTouch USB
CompanyName : THOMSON Telecom Belgium
FileDescription : SpeedTouch Statistics
LegalCopyright : Copyright© THOMSON Telecom Belgium 1999-2004
LegalTrademarks : SpeedTouch

#:15 [SPOOL32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294722623
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright (C) Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe

#:16 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294753143
Threads : 3
Priority : Normal
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : wmiexe.exe

#:17 [SONYTRAY.EXE]
FilePath : C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\
ProcessID : 4294740647
Threads : 1
Priority : Normal


#:18 [MSNMSGR.EXE]
FilePath : C:\PROGRAM FILES\MSN MESSENGER\
ProcessID : 4294648623
Threads : 4
Priority : Normal
FileVersion : 6.2.0137
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:19 [STMGR.EXE]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294692519
Threads : 4
Priority : Normal
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
ProductName : Microsoft (r) PCHealth
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) PC State Manager
InternalName : StateMgr.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : StateMgr.exe

#:20 [AD-AWARE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\
ProcessID : 4294780839
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hijacker.TopConverting Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : version

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : partner

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : id

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : InstallDir

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : updatetime

Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : tetris

NavExcel Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\navexcel

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 37


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:default@apmebf.com/
Expires : 10-10-2009 22:46:38
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@versiontracker[1].txt
Category : Data Miner
Comment : Hits:29
Value : Cookie:default@versiontracker.com/
Expires : 12-10-2006 04:10:24
LastSync : Hits:29
UseCount : 0
Hits : 29

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 39

Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

VX2 Object Recognized!
Type : File
Data : HyTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : RvCLTS5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IpSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : RiCLTC5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : HwTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IyFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : UyBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : CwDIAL32.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IiSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : Suntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IzFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : RjCLTC5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : Stntf32.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : Shntf32.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IhFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IaFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : UvBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IpFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IlSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : HkTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IdSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : HgTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : Srntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IxFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : HcTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IkSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : HpTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : Shntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : UbBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IdFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : IlFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\


Object "mxTarget.dll" found in this archive.

VX2 Object Recognized!
Type : File
Data : mxTarget.cab
Category : Malware
Comment : Object "mxTarget.dll" found in this archive.
Object : c:\WINDOWS\TEMP\

VX2 Object Recognized!
Type : File
Data : mxTarget.dll
Category : Malware
Comment :
Object : c:\WINDOWS\TEMP\
FileVersion : 0, 2, 4, 39
ProductVersion : 0, 2, 4, 39
ProductName : mxtarget
CompanyName : MX-Targeting
FileDescription : www.mx-targeting.com
InternalName : mxtarget
LegalCopyright : Copyright © 2004
OriginalFilename : mxtarget.dll
Comments : www.mx-targeting.com


180Solutions Object Recognized!
Type : File
Data : Del5341.TMP
Category : Data Miner
Comment :
Object : c:\WINDOWS\TEMP\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.


Hijacker.TopConverting Object Recognized!
Type : File
Data : tcupdater[1].exe
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\CHKFIVST\
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : tpcupdater Application
FileDescription : tpcupdater MFC Application
InternalName : tpcupdater
LegalCopyright : Copyright (C) 2004
OriginalFilename : tpcupdater.EXE


180Solutions Object Recognized!
Type : File
Data : 180ax[1].exe
Category : Data Miner
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\KBLBI6ZT\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\default@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@versiontracker[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\default@versiontracker[1].txt

Hijacker.TopConverting Object Recognized!
Type : File
Data : updatetc.exe
Category : Malware
Comment :
Object : c:\WINDOWS\
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : tpcupdater Application
FileDescription : tpcupdater MFC Application
InternalName : tpcupdater
LegalCopyright : Copyright (C) 2004
OriginalFilename : tpcupdater.EXE


VX2 Object Recognized!
Type : File
Data : ROCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : SXNTF32.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IKSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IMSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : SZNTF32.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : UGBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IEFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : RHCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : RCCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IBSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IFSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : HHTPLUG.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : RECLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IGFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : UWBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : IBFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : MFLOCUSR.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : UQBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : HFTPLUG.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

VX2 Object Recognized!
Type : File
Data : MULOCUSR.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\


Object "W0107641.CPY" found in this archive.

WinAD Object Recognized!
Type : File
Data : FS261.CAB
Category : Data Miner
Comment : Object "W0107641.CPY" found in this archive.
Object : c:\_RESTORE\ARCHIVE\

VX2 Object Recognized!
Type : File
Data : 07AFA0.DAT
Category : Malware
Comment :
Object : c:\PQSC\CPS\000076\FILES\001\

Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 100


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
13 entries scanned.
New critical objects:0
Objects found so far: 100


Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

NavExcel Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\nhelper.dll

NavExcel Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\nhelper.dll
Value : AppID

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 102

11:24:49 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:02:54.10
Objects scanned:53613
Objects identified:74
Objects ignored:0
New critical objects:74


Thanks for your help :)
Nick



Response Number 12
Name: Nick_Relf
Date: October 12, 2004 at 03:40:21 Pacific
Subject: Once again I've got spyware!
Reply:
It also seems like the problems are gone..but it'll take a bit of time to confirm that of course. I'll keep you posted here.

Thanks for all your help.
Nick



Response Number 13
Name: Viking
Date: October 12, 2004 at 05:07:21 Pacific
Subject: Once again I've got spyware!
Reply:
Well that was the nature of the problem before wasn't it. Transient type problem. But that's the nature of spyware in general. Transient.

If you look back in this post, you resolved problems 1 & 2 but gained a pop up problem. Next time you posted, the original 1 & 2 were back and the pop up had gone.

It's very simple.

Disable system restore and run those online virus and trojan scans. Re-enable restore after.

Uninstall Ad-Aware SE Personal 1.05 reboot machine. Start again and re-install a new download.

Then, immediately after, install the VX2 Cleaner from that link I gave you in response # 9. Follow instructions for it.

When complete, and you see VX2 Cleaner installed in "Add-Ons" >> DON'T get CONFUSED by a RED CIRCLE with an X on it where it says >> VX2 Cleaner.

Highlight VX2 Cleaner by clicking on it and then click RUN TOOL.

Now UPDATE Ad-Aware SE 1.05. Now RUN the full Ad-Aware SE scan (not just running the VX2 Cleaner part of it, like I described).

**
DO NOT, I REPEAT, DO NOT post another Ad-Aware SE log file. >>>

At least till someone asks for one. :) :)

**

Your last HJT log file is clean, I'll be surprised if it doesn't stay that way. At least for the time being ;)


After you've done everything, run the machine and surf with it for 24 hours. Run Ad-Aware and Spybot again and all that should be there are cookies and minor s---.

Post back to this thread if you get any more problems. Provided of course it hasn't dropped off to page 2.

See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk
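
Added example, not part of the original thread: a small parser for the Ad-Aware SE log layout posted above. It groups detections by family and lists the ones sitting under `c:\_RESTORE`, the Windows ME System Restore store that the "disable system restore" step clears. The function names are made up for this example; the sample entries are excerpted from the log in this thread.

```python
import re
from collections import Counter

# Three entries excerpted from the Ad-Aware SE log posted in this thread.
SAMPLE_LOG = r"""
VX2 Object Recognized!
Type : File
Data : HyTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\

VX2 Object Recognized!
Type : File
Data : ROCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\default@apmebf[1].txt
"""

HEADER = re.compile(r"^(.+?) Object Recognized!\s*$")
FIELD = re.compile(r"^(\w+)\s*:\s*(.*)$")
RESTORE = re.compile(r"^[a-z]:\\_restore\\", re.I)  # Windows ME System Restore store

def parse_detections(log_text):
    # One dict per "<family> Object Recognized!" block; a blank line ends the block.
    detections, current = [], None
    for line in log_text.splitlines():
        header, field = HEADER.match(line), FIELD.match(line)
        if header:
            current = {"Family": header.group(1)}
            detections.append(current)
        elif not line.strip():
            current = None
        elif field and current is not None:
            current[field.group(1)] = field.group(2).strip()
    return detections

def summarize(log_text):
    dets = parse_detections(log_text)
    restore_copies = [d["Data"] for d in dets if RESTORE.match(d.get("Object", ""))]
    return Counter(d["Family"] for d in dets), restore_copies  # counts, restore-store files
```

A non-empty second return value means the scanner found copies inside the restore store, so a scan run while System Restore is still enabled will keep reporting them.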



Response Number 14
Name: Nick_Relf
Date: October 12, 2004 at 13:32:47 Pacific
Subject: Once again I've got spyware!
Reply:
Well it's definitely gone.

I haven't seen it....thank goodness.

Thanks for all your help people. It was the VX2 that eventually did it I think.

Many thanks!!

Nick



Response Number 15
Name: Montana_Guy
Date: October 12, 2004 at 19:45:50 Pacific
Subject: Once again I've got spyware!
Reply:
*whew* VERY GOOD gentlemen !! Had the same problems, and jumped right to the VX2 issue and things are back to normal. THANK YOU !!

VX2 Cleaner
an Ad-Aware add on

http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml




Response Number 16
Name: Viking
Date: October 13, 2004 at 02:56:03 Pacific
Subject: Once again I've got spyware!
Reply:
Make sure you have the latest updated VX2 Cleaner along with ALL other updated Add-Ons for Ad-Aware SE that you install. ....

Lavasoft support forums >>> Lavasoft - Additional Tools, Add-ons and Language Files >>> Ad-Aware SE Add-ons.

You can get the direct downloads from there.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 17
Name: Viking
Date: October 13, 2004 at 09:08:23 Pacific
Subject: Once again I've got spyware!
Reply:
LMAO :)

The Lavasoft forums have been hijacked or they forgot to pay the bill by the looks of it !

I suggest you wait till normal service has been resumed. Or try the original Lavasoftusa link, if you can't wait.

I wouldn't bother clicking on the support forums link if I were you.

See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk



Response Number 18
Name: Viking
Date: October 14, 2004 at 01:51:25 Pacific
Subject: Once again I've got spyware!
Reply:
Lavasoft forums back up and running again. Add Ons available from the support forum.

All the Add ons from all the links are the current versions now.

So any VX2 Cleaner add on you get from Lavasoftusa, Lavasoft support forums, Majorgeeks or wherever should all carry the 1.03 version number.


See the iDiOt walk
See the idiot TaLk

WaLk IdIoT WaLk


The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net, LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.

All content ©1996-2007 Computing.Net, LLC