Windows Support Forum

Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker

Q: Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker

Hi AllI have kaspersky IS installed with PC Tools Spyware doctor It reported quite many problems on latest scan alongwith one persistent problem of VirtuMonde trojan It has also added registry value MS Ff Ie Ms Juan, Not Working, Virtumonde Traces And And Tracker Of Ms JUAN and MS Track System under HKLM Software Microsoft I am unable to clean these registry problems whenever I manually delete them it reappears Following is the hijackthis log I shall also post combofix results once I am done with it TIAHIJACKTHISLogfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files WIDCOMM Bluetooth Software bin btwdins exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker Program Files Kaspersky Lab Kaspersky Internet Security avp exeC Program Files Spyware Doctor pctsAuxs exeC Program Files Spyware Doctor pctsSvc exeC Program Files Alcohol Soft Alcohol StarWind Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker StarWindServiceAE exeC Program Files Hewlett-Packard Shared hpqwmiex exeC WINDOWS System alg exeC Program Files Spyware Doctor pctsTray exeC WINDOWS Explorer EXEC WINDOWS system ctfmon exeC Program Files Kaspersky Lab Kaspersky Internet Security avp exeC WINDOWS system Rundll exeC Program Files Microsoft ActiveSync wcescomm exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC PROGRA MICROS rapimgr exeC Program Files WIDCOMM Bluetooth Software BTTray exeC Program Files Hewlett-Packard Digital Imaging bin hpohmr exeC Program Files Hewlett-Packard Digital Imaging bin hpotdd exeC Program Files Synaptics SynTP SynTPEnh exeC WINDOWS System svchost exeC Documents and Settings Administrator Local Settings Application Data Google Chrome Application chrome exeC WINDOWS system wuauclt exeC Documents and Settings Administrator Local Settings Application Data Google Chrome Application chrome exeC Documents and Settings Administrator My Documents Software HijackThis HijackThis exeC WINDOWS system wbem wmiprvse exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL about blankR - HKCU Software Microsoft Internet Explorer Main Start Page about blankR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - BHO no name - B D -CB - A - F A-AF ADA - no file O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - EA - F- A-A A- DF EB - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - BHO no name - BCEFE B - C - DE -AA - CB C F D - no file O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - C Program Files Veoh Networks Veoh Plugins reg VeohToolbar dllO - HKLM Run AVP quot C Program Files Kaspersky Lab Kaspersky Internet Security avp exe quot O - HKLM Run KernelFaultCheck systemroot system dumprep -kO - HKLM Run ISTray quot C Program Files Spyware Doctor pctsTray exe quot O - HKLM Run BMdfd Rundll exe quot C WINDOWS system wmlgqvnm dll quot sO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run H PC Connection Agent quot C Program Files Microsoft ActiveSync wcescomm exe quot O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeO - HKUS S- - - Run PcSync C Program Files Nokia Nokia PC Suite PcSync exe NoDialog User 'LOCAL SERVICE' O - HKUS S- - - RunOnce ShowDeskFix regsvr s n i u shell User 'LOCAL SERVICE' O - HKUS S- - - Run PcSync C Program Files Nokia Nokia PC Suite PcSync exe NoDialog User 'NETWORK SERVICE' O - HKUS S- - - RunOnce ShowDeskFix regsvr s n i u shell User 'NETWORK SERVICE' O - HKUS S- - - Run PcSync C Program Files Nokia Nokia PC Suite PcSync exe NoDialog User 'SYSTEM' O - HKUS S- - - RunOnce ShowDeskFix regsvr s n i u shell User 'SYSTEM' O - HKUS DEFAULT Run PcSync C Program Files Nokia Nokia PC Suite PcSync exe NoDialog User 'Default user' O - HKUS DEFAULT RunOnce ShowDeskFix regsvr s n i u shell User 'Default user' O - Startup SynTPEnh lnk C Program Files Synaptics SynTP SynTPEnh exeO - Global Startup Bluetooth lnk O - Global Startup hp psc series lnk O - Global Startup hpoddt exe lnk O - Extra context menu item amp Yahoo Search - file C Program Files Yahoo Common ycsrch htmO - Extra context menu item Add to Banner Ad Blocker - C Program Files Kaspersky Lab Kaspersky Internet Security ie banner deny htmO - Extra context menu item Convert link target to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECapture htmlO - Extra context menu item Convert link target to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend htmlO - Extra context menu item Convert selected links to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECaptureSelLinks htmlO - Extra context menu item Convert selected links to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppendSelLinks htmlO - Extra context menu item Convert selection to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECapture htmlO - Extra context menu item Convert selection to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend htmlO - Extra context menu item Convert to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECapture htmlO - Extra context menu item Convert to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend htmlO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Send to amp Bluetooth Device - C Program Files WIDCOMM Bluetooth Software btsendto ie ctx htmO - Extra context menu item Yahoo amp Dictionary - file C Program Files Yahoo Common ycdict htmO - Extra context menu item Yahoo amp Maps - file C Program Files Yahoo Common ycmap htmO - Extra context menu item Yahoo amp SMS - file C Program Files Yahoo Common ycsms htmO - Extra button Web traffic protection statistics - F - A - D - CA -AA ACF ED E - C Program Files Kaspersky Lab Kaspersky Internet Security SCIEPlgn dllO - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dllO - Extra 'Tools' menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dllO - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra 'Tools' menuitem xpsp res dll - - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Unknown file in Winsock LSP c windows system nwprovau dllO - Trusted Zone http mcafee comO - DPF CA FB - E E- B -BF - E A CAA CD Office Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF - f - bb - d -fa d f a ab YInstStarter Class - C Program Files Yahoo Common yinsthelper dllO - DPF - E - C-A - B SysData Class - http ipgweb cce hp com rdqnbk downloads sysinfo cabO - DPF D F B - - D-A - D UnoCtrl Class - http messenger zone msn com EN-IN a-UNO GAME UNO cabO - DPF ED - B- DA -BF -BE C EC Windows Live Safety Center Base Module - http cdn scan onecare live com resource lscbase cabO - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate b O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsoftupdat b O - DPF AB CE -AC F- F- -D ABCA EC Get ActiveX Control - https h www hp com ewfrf-JAVA Secur loadManager ocxO - DPF C F A B-B B - A -B - EE B MessengerStatsClient Class - http messenger zone msn com binary Messe nt cab cabO - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http fpdownload macromedia com get shoc ash swflash cabO - Protocol grooveLocalGWS - FED C-F CA- -A - CB B CD - C PROGRA MICROS Office GR D DLLO - AppInit DLLs C PROGRA KASPER KASPER mzvkbd dll C PROGRA KASPER KASPER mzvkbd dll C PROGRA KASPER KASPER adialhk dll C PROGRA KASPER KASPER kloehk dll ubntnt dll zpgzcn dllO - Winlogon Notify geBuVMcc - geBuVMcc dll file missing O - Winlogon Notify iifecaBT - iifecaBT dll file missing O - Service Kaspersky Internet Security AVP - Kaspersky Lab - C Program Files Kaspersky Lab Kaspersky Internet Security avp exeO - Service Symantec pcAnywhere Gateway Service AWGateway - Symantec Corporation - C Program Files Symantec pcAnywhere Gateway AWGateway exeO - Service Symantec pcAnywhere Host Service awhost - Symantec Corporation - C Program Files Symantec pcAnywhere awhost exeO - Service Bluetooth Service btwdins - Broadcom Corporation - C Program Files WIDCOMM Bluetooth Software bin btwdins exeO - Service Google Update Service gupdate c f d c gupdate c f d c - Google Inc - C Program Files Google Update GoogleUpdate exeO - Service Google Updater Service gusvc - Google - C Program Files Google Common Google Updater GoogleUpdaterService exeO - Service GVWJMUCTX - Unknown owner - C DOCUME ADMINI LOCALS Temp GVWJMUCTX exe file missing O - Service hpqwmiex - Hewlett-Packard Development Company L P - C Program Files Hewlett-Packard Shared hpqwmiex exeO - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exeO - Service LiveUpdate - Symantec Corporation - C PROGRA Symantec LIVEUP LUCOMS EXEO - Service Pml Driver HPZ - HP - C WINDOWS system HPZipm exeO - Service Intuit QuickBooks FCS QBFCService - Intuit Inc - C Program Files Common Files Intuit QuickBooks FCS Intuit QuickBooks FCS exeO - Service PC Tools Auxiliary Service sdAuxService - PC Tools - C Program Files Spyware Doctor pctsAuxs exeO - Service PC Tools Security Service sdCoreService - PC Tools - C Program Files Spyware Doctor pctsSvc exeO - Service StarWind AE Service StarWindServiceAE - Rocket Division Software - C Program Files Alcohol Soft Alcohol StarWind StarWindServiceAE exe--End of file - bytes

Relevancy 100%
Preferred Solution: Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Ie And Ff Not Working, Traces Of Virtumonde And Ms Juan, Ms Tracker

HiFirst please uninstall KASPERSKY & see if the problems with IE & FF persist ?Post a new hijackthis log with KASPERSKY uninstalled ...THEN ...Please run a Kaspersky Online Scan Please do an online scan with Kaspersky WebScanner Click on Kaspersky Online Scanner Click AcceptYou will be promted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make sure that the following are selected: Scan using the following Anti-Virus database: Extended (if available otherwise Standard)
Scan Options: Scan Archives Scan Mail BasesClick OK Now under select a target to scan: Select My ComputerThe program will start and scan your system. The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected. Now click on the Save as Text button:Once finished, save the log to your Desktop as filename KAV.txtTHEN ...Please Download Malwarebytes' Anti-Malware from Here :-http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlor here :-http://www.besttechie.net/tools/mbam-setup.exeDouble Click mbam-setup.exe to install the application.* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.* If an update is found, it will download and install the latest version.* Once the program has loaded, select "Perform Quick Scan", then click Scan.* The scan may take some time to finish,so please be patient.* When the scan is complete, click OK, then Show Results to view the results.* Make sure that everything is checked, and click Remove Selected.* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.* Copy and Paste the entire report in your next reply.THEN ...Please follow these directions to run Combofix & post a log.http://www.bleepingcomputer.com/combofix/how-to-use-combofixsteam

http://www.bleepingcomputer.com/forums/t/169769/ie-and-ff-not-working-traces-of-virtumonde-and-ms-juan-ms-tracker/
Relevancy 82.99%

I seem to have the MS Juan and MS Tracker amongst other things going on with my machine since yesterday. I have since ran malwarebytes, ad aware and spybot. They all find and kill stuff but I am still getting trojan popups from Avast, as well as returning ms juan and tracker in malwarebytes.

This is the first time this has happened to me and I am unsure of what to do next to try to clean my machine up, any help would be greatly appreciated. I can post logs of my previous scans if you wish.

Thank you.

A:MS Juan, MS Tracker and more...

Here was my first scan last night
Malwarebytes' Anti-Malware 1.33
Database version: 1656
Windows 5.1.2600 Service Pack 3

1/15/2009 8:32:34 PM
mbam-log-2009-01-15 (20-32-34).txt

Scan type: Full Scan (C:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Objects scanned: 214716
Time elapsed: 1 hour(s), 3 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 13
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
E:\WINDOWS\system32\geBrOedb.dll (Trojan.Vundo.H) -> Delete on reboot.
E:\WINDOWS\system32\qvorpbdt.dll (Trojan.Vundo.H) -> Delete on reboot.
E:\WINDOWS\system32\khfCvUnO.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3eb56daa-bd88-46ee-80c8-0bca5d5d6455} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3eb56daa-bd88-46ee-80c8-0bca5d5d6455} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3eb56daa-bd88-46ee-80c8-0bca5d5d6455} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfcvuno (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: e:\windows\system32\gebroedb -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: e:\windows\system32\gebroedb -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
E:\WINDOWS\system32\geBrOedb.dll (Trojan.Vundo.H) -> Delete on reboot.
E:\WINDOWS\system32\bdeOrBeg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\bdeOrBeg.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\qvorpbdt.dll (Trojan.Vundo.H) -> Delete on reboot.
E:\WINDOWS\system32 ... Read more

http://www.bleepingcomputer.com/forums/t/195711/ms-juan-ms-tracker-and-more/
Relevancy 79.55%

Okay this is really really annoying I can't seem to track the root cause of the infection and it keeps coming back after restart or on invocation of IE even though MBAM reports successful removal Any help greatly appreciated Logs from HJT and MBAM attached Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS Juan/MS Tracker Vundo/MS resistant infection Highly System svchost exeC Program Files Lavasoft Highly resistant Vundo/MS Juan/MS Tracker infection Ad-Aware aawservice exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Kaspersky Lab Kaspersky Anti-Virus avp exeC Program Files Bonjour mDNSResponder exeC Program Files Google Common Google Highly resistant Vundo/MS Juan/MS Tracker infection Updater GoogleUpdaterService exeC Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exeC WINDOWS System svchost exeC Program Files Norton Highly resistant Vundo/MS Juan/MS Tracker infection Ghost Agent VProSvc exeC WINDOWS system nvsvc exeC WINDOWS System svchost exeC WINDOWS system PSIService exeC WINDOWS system svchost exeC WINDOWS system dllhost exeC WINDOWS system dllhost exeC Program Files Norton Ghost Shared Drivers SymSnapService exeC WINDOWS Explorer EXEC WINDOWS RTHDCPL EXEC Program Files ASUS EPU- Engine FourEngine exeC Program Files ASUS Ai Suite AiNap AiNap exeC Program Files Common Files Ulead Systems AutoDetector monitor exeC Program Files Norton Ghost Agent VProTray exeC Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exeC Program Files Microsoft Office Office GrooveMonitor exeC Program Files HP ToolBoxFX bin HPTLBXFX exeC WINDOWS System spool DRIVERS W X E S I H EXEC WINDOWS System spool DRIVERS W X E S I H EXEC Program Files Corel Corel MediaOne CorelIOMonitor exeC Program Files HP HP Software Update HPWuSchd exeC WINDOWS system RUNDLL EXEC Program Files iTunes iTunesHelper exeC Program Files Kaspersky Lab Kaspersky Anti-Virus avp exeC Program Files Zamaan's Software Browser Hijack Retaliator BHR exeC WINDOWS system ctfmon exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files Skype Phone Skype exeC Program Files Windows Live Messenger MsnMsgr ExeC Program Files Microsoft ActiveSync Wcescomm exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Spybot - Search amp Destroy TeaTimer exeC PROGRA MI AA rapimgr exeC Program Files WinTV Ir exeC Program Files WinZip WZQKPICK EXEC Program Files iPod bin iPodService exeC Program Files Yahoo Messenger ymsgr tray exeC Program Files Belkin Network USB Hub Control Center Connect exeC Program Files MagicDisc MagicDisc exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www ulead com tw uleadAP push dopus amp TYPE R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO fbb f - d - b-ffd - c ac e - e ca - c - dff-b - d f bbf - C WINDOWS system nccmat dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - Toolbar amp Google - C B - - d - B - A CD F - c progr... Read more

A:Highly resistant Vundo/MS Juan/MS Tracker infection

I ran a full rather than quick scan using MBAM below is the log...

Malwarebytes' Anti-Malware 1.30
Database version: 1373
Windows 5.1.2600 Service Pack 3

08/11/2008 20:59:54
mbam-log-2008-11-08 (20-59-54).txt

Scan type: Full Scan (C:\|)
Objects scanned: 156629
Time elapsed: 36 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{8D06E455-D60E-403F-A815-2D6313C268D7}\RP61\A0015442.dll (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.

http://www.bleepingcomputer.com/forums/t/178713/highly-resistant-vundoms-juanms-tracker-infection/
Relevancy 67.51%

I m very new to computer cleaning but with the help of forums and freeware I recently cleaned my friend s computer of a nasty Virtumonde Vundo virus The major mistake I made was using a flash drive to transfer the malware programs from my computer to his and then briefly plugging it back into mine While I do keep my protection up to date I am worried that my system may have been infected anyway because since I did the removal I ve noticed several new nuisances that have never happened before Ad-Aware has randomly began running at a high rate pushing my CPU usage up to - times in the past month I have been unable to delete some files causing the system to hang until I reboot Starting up the computer now takes - times longer than it did before And in a recent development I had several Google results redirect me to a quot System Scan quot which of course claimed to have found a ton of trojans viruses and malware on my computer I ve run AVG Ad-Aware Spybot and Malwarebytes without any real success and I also keep SpywareBlaster up to date It s very possible that the new problems I m having have nothing to do with my friend s virus but either way is there anything that sticks out in my HJT log I appreciate ANY and ALL advice help This forum is a godsend thank you all Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system Dwm exeC Windows system taskeng exeC Program Files Motorola SMSERIAL sm hlpr exeC Program Files Synaptics SynTP SynTPEnh exeC Windows RtHDVCpl exeC Program Files Intel Intel Matrix Storage Manager IAAnotif exeC Program Files HP QuickPlay QPService exeC Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exeC Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exeC Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exeC Program Files HP HP Software Update hpwuSchd exeC Windows System rundll exeC Program Files AVG AVG avgtray exeC Program Files iTunes iTunesHelper exeC Program Files Java jre bin jusched exeC Windows ehome ehtray exeC Program Files Spybot - Search amp Destroy TeaTimer Virtumonde traces? exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files Windows Media Player wmpnscfg exeC Windows ehome ehmsas exeC Windows System rundll exeC Users PatAndNikki AppData Local Google Update GoogleCrashHandler exeC Program Files Hewlett-Packard Shared Virtumonde traces? HpqToaster exeC Windows system DllHost exeC Windows explorer exeC Program Files Lavasoft Ad-Aware AAWTray exeC Windows Explorer exeC Users PatAndNikki AppData Local Google Update GoogleUpdate exeC Users PatAndNikki AppData Local Google Chrome Application chrome exeC Users PatAndNikki AppData Local Google Chrome Application chrome exeC Users PatAndNikki AppData Local Google Chrome Application chrome exeC Windows Virtumonde traces? system SearchFilterHost exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Virtumonde traces? Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE a n amp pf laptopR - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE a n amp pf laptopR - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhostO - BHO no name - D -C F - efb- B - ECA - no file O - BHO AcroI... Read more

A:Virtumonde traces?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREAndPlease download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OKIMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.ThenPlease download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.

http://www.bleepingcomputer.com/forums/t/298677/virtumonde-traces/
Relevancy 66.65%

Note I've ran Ad-aware spybot CCleaner Avast SuperANTISPyware Malwarebytes' Anti-maleware CompFix MGTools Juan / remove Virtumonde MS Help and Hijackthis First of all this is what I can't remove Adware Vundo Variant Rel HKLM SOFTWARE Microsoft MS Juan HKLM SOFTWARE Microsoft MS Juan DJZERO HKLM SOFTWARE Microsoft MS Juan JKWL HKLM SOFTWARE Microsoft MS Juan metajuan HKLM SOFTWARE Microsoft MS Juan meta mg HKLM SOFTWARE Microsoft MS Juan profiling HKLM SOFTWARE Microsoft MS Juan superjuan HKLM SOFTWARE Microsoft MS Juan TrackDJuanHere is the HiJacklog Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Safe mode with network supportRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS Help remove MS Juan / Virtumonde system services exeC WINDOWS system lsass exeC WINDOWS system Help remove MS Juan / Virtumonde svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS Explorer EXEC Program Files SUPERAntiSpyware f f d -fd - - - b c exeC WINDOWS system ctfmon exeC Program Files Malwarebytes' Anti-Malware mbam exeC windows-kb -v exez cb fcb f mrtstub exeC WINDOWS system MRT exeC HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www hcmc netnam vn weblh andi ndc htmR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http google com O - BHO no name - D -C F - efb- B - ECA - no file O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - Toolbar Veoh Browser Plug-in - D - - -A B -AEFAF AB - D Program Files Veoh Plugins reg VeohToolbar dllO - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - Toolbar Contribute Toolbar - BDDE -E A - -B E- B B FC - C Program Files Adobe Adobe Contribute CS contributeieplugin dllO - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe autoO - HKLM Run WinVNC quot C Program Files UltraVNC winvnc exe quot -servicehelperO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run avast C PROGRA ALWILS Avast ashDisp exeO - HKLM Run nwiz nwiz exe installO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run WinampAgent quot D Program Files Winamp winampa exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run IndxStoreSvr E - C C- d f- C - D A B AA quot C Program Files Common Files Nero Lib NMIndexStoreSvr exe quot ASO- B - DAE- -A F- A E O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exeO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra button Send to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dllO - Extra 'Tools' menuitem S amp end to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dllO - Extra button PokerStars - AD F C-ED - e -B D - B F A EF - C Program Files PokerStars PokerStarsUpdate exeO - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS Office REFIEBAR DLLO - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exeO - Extra button no name - DFB A - F - C -A - CAB FD A - C Program Files Spybot - Search amp Destroy SDHelper dllO - Extra 'Tools' menuitem Spybot - Search amp amp ... Read more

A:Help remove MS Juan / Virtumonde

Wow this is a popular malware this week

http://www.bleepingcomputer.com/forums/t/187113/help-remove-ms-juan-virtumonde/
Relevancy 66.65%

Somehow picked up a lovely virtumonde virus yesterday, have tried everything to get rid of it but its just not going away!!
Malwarebytes scan picks up the same to infections everytime (MS Juan and MS Track in registry) but delete/quarantine won't get rid of them they just come back in the next scan. Any suggestions?? HJL ATTACHED

A:Virtumonde - MS Juan and MS Track

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERER,K

http://www.bleepingcomputer.com/forums/t/191459/virtumonde-ms-juan-and-ms-track/
Relevancy 66.65%

Keep getting popups and the viruses keep coming back no matter how many times I remove them using avg ad-aware DDS Ver - - - NTFSx Run by daveyjones at on Mon Internet Explorer Microsoft Windows XP Professional GMT - AV AVG On-access scanning enabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA Grisoft AVG avgamsvr exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C PROGRA Grisoft AVG avgcc exe C Program Files iTunes iTunesHelper exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C WINDOWS / / juan fakealert ms Virtumonde system svchost exe -k imgsvc C Program Files Viewpoint Common ViewpointService exe C U S R TurboGWLAN USRWLANG exe C WINDOWS System wltrysvc exe C WINDOWS System bcmwltry exe C Program Files iPod bin iPodService exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Viewpoint Viewpoint Manager ViewMgr exe C WINDOWS system rundll exe C Program Files Mozilla Firefox firefox exe C Documents and Settings daveyjones Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com BHO b c-ec - c - -d ed aeb acb - c windows system nnnkJCTJ dll BHO SSVHelper Class bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO Windows Virtumonde / ms juan / fakealert Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dll BHO Windows Live Toolbar Helper bdbd dad-c - a -adc - b b ff d - c program files windows live toolbar msntb dll BHO NoExplorer - No File BHO b d c f - a - dbb-ce - c e e -c - ec-bbd - a f c d b - c windows system zdtfbj dll TB Adobe PDF -d c - - fa - e eaac - e progs adobe adobe acrobat acrobat AcroIEFavClient dll TB Windows Live Toolbar bdad dad-c - a -adc - b b ff d - c program files windows live toolbar msntb dll EB Adobe PDF ec be- - c -a -beb d a b - e progs adobe adobe acrobat acrobat AcroIEFavClient dll uRun STYLEXP c program files tgtsoft stylexp StyleXP exe -Hide mRun ATIModeChange Ati mdxx exe mRun ATIPTA c program files ati technologies ati control panel atiptaxx exe mRun SynTPLpr c program files synaptics syntp SynTPLpr exe mRun SynTPEnh c program files synaptics syntp SynTPEnh exe mRun AVG CC c progra grisoft avg avgcc exe STARTUP mRun QuickTime Task quot c program files quicktime QTTask exe quot -atboottime mRun iTunesHelper quot c program files itunes iTunesHelper exe quot dRun AVG Run c progra grisoft avg avgw exe RUNONCE StartupFolder c docume alluse startm programs startup usrobo lnk - c u s r turbogwlan USRWLANG exe IE Convert link target to Adobe PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert link target to existing PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE Convert selected links to Adobe PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIECaptureSelLinks html IE Convert selected links to existing PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIEAppendSelLinks html IE Convert selection to Adobe PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert selection to existing PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE Convert to Adobe PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert to existing PDF - e progs adobe adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE AC E - - d -BC D- B D A DE - c program files aim aim exe IE B FE D - AA - F - C B- A F E - e partygaming partypoker RunApp exe IE FB F -F - d -BB E- C F - c program files messenger ms... Read more

A:Virtumonde / ms juan / fakealert

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.NEXTPlease download GMER and unzip it to your Desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.Post me these logs in your next reply.. Post each log in separate post..1. Malwarebytes'2. RSIT log.txt3. RSIT info.txt4. Attach GMER result..

http://www.bleepingcomputer.com/forums/t/194734/virtumonde-ms-juan-fakealert/
Relevancy 66.65%

For a couple of weeks my computer has been suffering from a bad case of adware that's been clogging up my memory I went through Virtumonde Be Gone trying remedy to remedy and I have followed the steps And I'm Trojan.juan.h, Virtumonde, More Sure. suggested and had to use the beta of Safari for Trojan.juan.h, Virtumonde, And More I'm Sure. Windows by Apple to escape the pop-ups Here's the HJT log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS Explorer Trojan.juan.h, Virtumonde, And More I'm Sure. EXEC WINDOWS system LEXBCES EXEC WINDOWS system LEXPPS EXEC WINDOWS system spoolsv exeC Program Files Adaptec Easy CD Creator DirectCD DirectCD exeC Program Files Analog Devices Core smax pnp exeC Program Files Common Files Real Update OB realsched exeC Program Files Java jre bin jusched exeC Trojan.juan.h, Virtumonde, And More I'm Sure. Program Files iTunes iTunesHelper exeC PROGRA Softwin BITDEF bdmcon exeC Program Files Softwin BitDefender bdagent exeC WINDOWS system RUNDLL EXEC Program Files Messenger MSMSGS EXEC WINDOWS system ctfmon exeC Program Files Java jre bin jucheck exeC Program Files Palm Hotsync exeC Program Files Last fm LastFMHelper exeC Program Files Lavasoft Ad-Aware aawservice exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC WINDOWS system ubsrtovc exeC WINDOWS System nvsvc exeC PROGRA SPEEDB VideoAcceleratorEngine exeC Program Files Common Files Softwin BitDefender Communicator xcommsvr exeC Program Files Common Files Softwin BitDefender Scan Server bdss exeC Program Files Common Files Softwin BitDefender Update Service livesrv exeC PROGRA SPEEDB VideoAccelerator exeC Program Files Softwin BitDefender vsserv exeC Program Files iPod bin iPodService exeC Program Files Safari Safari exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - - - C- B-A F AB - C Program Files Online Services mexobakit dll file missing O - BHO no name - F D -AA - b -A F - C B F - C WINDOWS system qklbvmtq dllO - BHO no name - E D C - F - c -B - B F BC A F - C Program Files Outerinfo Outerinfo dll file missing O - BHO no name - CFF-B - EF -A -DB F CB - O - BHO no name - B F - D E- F -BA D-D DB C - C Program Files Online Services mexobakit dll file missing O - HKLM Run AdaptecDirectCD quot C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartupO - HKLM Run nwiz nwiz exe installO - HKLM Run AOLDialer C Program Files Common Files AOL ACS AOLDial exeO - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exeO - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osbootO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run wbofblcA C WINDOWS wbofblcA exeO - HKLM Run - - - F-ZN C windows system mkdsregj exe SKY O - HKLM Run icq com rundll exe quot C WINDOWS system kfxbvime dll quot forkonceO - HKLM Run Qui... Read more

A:Trojan.juan.h, Virtumonde, And More I'm Sure.

Hello tekken5guy,Open HijackThis, click Config, click Misc ToolsClick "Open Uninstall Manager"Click "Save List" (generates uninstall_list.txt)Click Save, copy and paste the results in your next post.Please download Combofix to your desktop.Doubleclick combo.exe to launch the application.Follow the prompts that will be displayed on the screen.Don't click on the window while the fix is running, because that will cause your system to hang.When finished, it should produce a log, combofix.txt.Post this log in your next reply together with a new hijackthislog.

http://www.bleepingcomputer.com/forums/t/100814/trojanjuanh-virtumonde-and-more-im-sure/
Relevancy 66.65%

I've been working on cleaning up my computer for at least the past four days and Spyware Doctor and other scanners still see traces Background Computer and especially IE was running very slowly and popups occured Many steps have been taken until now and I'll try to summarize Frustrated with Norton Anti-Virus which detected nothing I uninstalled it and installed AVG Free I also downloaded and ran both Ad-Aware and Spybot S amp D After multiple times scanning cleaning and rebooting Spybot would still detect Virtumonde dll From there I downloaded HijackThis and RegCleaner With those programs and by using Windows's Add Remove Programs I trimmed down as many unnecessary programs and startup files as I could recognize I googled HijackThis lines and removed missing files and lines that were found to be harmful by forums such as this one After that all scanning methods were run again and the computer seemed to become considerably more stable However when I scan with AVG it usually finds over warnings adware and I have observed quot MS Juan quot in Virtumonde, Juan, And Friends Ms certain lines I am pleased so far and now I am interested in Virtumonde, Ms Juan, And Friends really getting my computer to be as clean as possible and keeping it that way ie fewer startup processes and regular system scans and Virtumonde, Ms Juan, And Friends spyware checks I just looked over Buckeye Sam's response to someone else's MS Juan infection and will follow those same Virtumonde, Ms Juan, And Friends steps to finalize and clean the system ie OTMoveIt Disable Enable System Restore and installing Spyware Blaster I am currently running Kaspersky's Online Scanner and will shorty run the DSS Thank you in advance to all those who have helped others with their obviously frustrating problems they and I definitely appreciate all the knowledable advice time and dedication to being helpful computer dudes

A:Virtumonde, Ms Juan, And Friends

Since last post:Have run combofix two times (first time the computer restarted during the process).Will now provide Kaspersky log results as well as both DSS logs. HijackThis log is available on request, as well as ComboFix log.--------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7 REPORT Tuesday, June 24, 2008 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Wednesday, June 25, 2008 02:06:06 Records in database: 881648--------------------------------------------------------------------------------Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yesScan area - Critical Areas: C:\Documents and Settings\All Users\Start Menu\Programs\Startup C:\Documents and Settings\Owner\Start Menu\Programs\Startup C:\Program Files C:\WINDOWSScan statistics: Files scanned: 61271 Threat name: 3 Infected objects: 5 Suspicious objects: 0 Duration of the scan: 01:11:45File name / Threat name / Threats countC:\Program Files\HijackThis\backups\backup-20080621-230425-319.dll Infected: Trojan.Win32.Monder.zi 1C:\WINDOWS\system32\hxrmvxte.dll Infected: Trojan.Win32.Monder.zi 1C:\WINDOWS\system32\lmvylije.dll Infected: Trojan.Win32.Monder.zb 1C:\WINDOWS\system32\xsetfaqa.dll Infected: Trojan.Win32.Monder.zb 1C:\WINDOWS\system32\yrahehiq.dll Infected: Trojan.Win32.Monder.zg 1The selected area was scanned.Deckard's System Scanner v20071014.68Run by Owner on 2008-06-24 21:33:11Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --127: 2008-06-25 04:33:48 UTC - RP1049 - Deckard's System Scanner Restore Point126: 2008-06-25 02:37:51 UTC - RP1048 - Installed Java™ 6 Update 6125: 2008-06-25 00:05:09 UTC - RP1047 - ComboFix created restore point124: 2008-06-24 16:34:09 UTC - RP1046 - Spyware Doctor: Cleaning Threats123: 2008-06-24 07:24:37 UTC - RP1045 - Configured Quicken 2003 New User Edition-- First Restore Point -- 1: 2008-06-17 01:44:06 UTC - RP923 - System CheckpointBacked up registry hives.Performed disk cleanup.-- HijackThis (run as Owner.exe) -----------------------------------------------Unable to find log (file not found); running clone.-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-06-24 21:35:31Platform: Windows XP Service Pack 2 (5.01.2600)MSIE: Internet Explorer (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\system32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft LifeCam\MSCamS32.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exeC:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\WINDOWS\system\... Read more

http://www.bleepingcomputer.com/forums/t/154130/virtumonde-ms-juan-and-friends/
Relevancy 66.65%

I've tried all the program listed but it seems to reboot itself once firefox or ie is open Please help ThanksHere's my hijack log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning MS Trojan.Virtumonde Juan / processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Intel Wireless Bin EvtEng exeC Program Files Intel Wireless Bin S EvMon exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files Bonjour mDNSResponder exeC Program Files WIDCOMM Bluetooth Software bin btwdins Trojan.Virtumonde / MS Juan exeC Program Files Microsoft SQL Server MSSQL VAIO VEDB Binn sqlservr exeC Program Files Intel Wireless Bin RegSrvc exeC Program Files Spyware Doctor pctsAuxs exeC Program Files Spyware Doctor pctsSvc exeC Program Files Sony VAIO Power Management SPMgr exeC Program Files Sony ISB Utility ISBMgr exeC Program Files Sony VAIO Zone Remote Commander AvRmtCtr exeC Program Files Microsoft IntelliPoint point exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files Spyware Doctor pctsTray exeC WINDOWS system svchost exeC WINDOWS system wdfmgr exeC Program Files Sony VAIO Event Service VESMgr exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exeC Program Files Viewpoint Common ViewpointService exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exeC WINDOWS system igfxext exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exeC WINDOWS system igfxsrvc exeC WINDOWS system wscntfy exeC Program Files Common Files Sony Shared VAIO Entertainment VzRs VzRs exeC WINDOWS System alg exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC Program Files Spyware Doctor pctsGui exeC WINDOWS System svchost exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeC WINDOWS system wbem wmiprvse exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www sony com vaiopeopleR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - URLSearchHook no name - EB EA-E BE- CFD- F F-C A C EAFA - no file O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - HKLM Run VAIO Recovery C WINDOWS Sonysys VAIO Recovery PartSeal exeO - HKLM Run TVTunerLib C Program Files Common Files Sony Shared TVTunerLib TVTLInstTool exeO - HKLM Run SonyPowerCfg C Program Files Sony VAIO Power Management SPMgr exeO - HKLM Run ISBMgr exe C Program Files Sony ISB Utility ISBMgr exeO - HKLM Run VAIO Update quot C Program Files Sony VAIO Update VAIOUpdt exe quot StationaryO - HKLM Run VZRemoteCommander C Program Files Sony VAIO Zone Remote Commander AvRmtCtr exeO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run AdobeCS ServiceManager quot C Program Files Common Files Adobe CS ServiceManager CS ServiceManager exe quot -launchedbyloginO - HKLM Run ISTray quot C Program Files Spyware Doctor pctsTray exe quot O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exeO - Startup Adobe Gamma lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exeO - ... Read more

A:Trojan.Virtumonde / MS Juan

please help, thanks.

http://www.bleepingcomputer.com/forums/t/174265/trojanvirtumonde-ms-juan/
Relevancy 66.65%

Somehow picked up a lovely virtumonde virus yesterday, have tried everything to get rid of it but its just not going away!!
Malwarebytes scan picks up the same to infections everytime (MS Juan and MS Track in registry) but delete/quarantine won't get rid of them they just come back in the next scan. Any suggestions?? HJL ATTACHED
 

A:Virtumonde - MS Juan and MS Track

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:05, on 02/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {b21df6f3-e91e-e85a-c174-472fdcccd895} - {598dcccd-f274-471c-a58e-e19e3f6fd12b} - C:\WINDOWS\system32\uihgod.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [\\DAVE\EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\DOCUME~1\user\LOCALS~1\Temp\E_S13.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic... Read more

https://forums.techguy.org/threads/virtumonde-ms-juan-and-ms-track.785926/
Relevancy 66.65%

Any Help Ms Vundo, Juan Virtumonde, Computer is Freaking Out ogfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC WINDOWS system Ati evxx exeC WINDOWS Explorer EXEC WINDOWS System SCardSvr exeC WINDOWS Mixer exeC Program Files CyberLink PowerDVD PDVDServ exeC Program Files Roxio Easy Media Creator Drag to Disc DrgToDsc exeC Program Files Common Files Roxio Shared SharedCOM RoxWatchTray exeC Program Files PowerISO PWRISOVM EXEC Program Files Virtumonde, Vundo, Ms Juan Grisoft AVG Anti-Spyware avgas exeC Program Files Common Files Real Update OB realsched exeC Program Files Common Files ArcSoft Connection Service Bin ACDaemon exeC Program Files iTunes iTunesHelper exeC Program Files Java jre bin jusched exeC Program Files Spyware Doctor pctsTray exeC Program Virtumonde, Vundo, Ms Juan Files Spybot - Search amp Destroy TeaTimer exeC WINDOWS system ctfmon exeC Program Files Virtumonde, Vundo, Ms Juan Common Files ArcSoft Connection Service Bin ACService exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Grisoft AVG Anti-Spyware guard exeC Program Files Bonjour mDNSResponder exeC Program Files Java jre bin jqs exeC Program Files Common Files Roxio Shared SharedCOM RoxMediaDB exeC Program Files Spyware Doctor pctsAuxs exeC Program Files Spyware Doctor pctsSvc exeC WINDOWS system wscntfy exeC Program Files iPod bin iPodService exeC Program Files Common Files Roxio Shared SharedCOM CPSHelpRunner exeC WINDOWS System alg exeC WINDOWS System svchost exeC Program Files Mozilla Firefox firefox exeC Documents and Settings MOTZ ROCK Desktop HijackThis exeC WINDOWS System wbem wmiprvse exeC Program Files Symantec LiveUpdate AUpdate exeC PROGRA Symantec LIVEUP LUCOMS EXER - HKCU Software Microsoft Internet Explorer Main Start Page http google com igR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO no name - DB C - - A B-BE D- D E E C C - C WINDOWS system geBtUlJd dll file missing O - BHO no name - D CB -C CD- c f-BFDC- B AFBDC C - no file O - BHO no name - BB-D F - C-B EB-D DAF D D - no file O - BHO no name - D EAA - D - FFD-B - A F E - no file O - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - BHO no name - F BC E-D D- B F- -C D FE - no file O - HKLM Run C-Media Mixer Mixer exe startupO - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE cli exe quot runtime -DelayO - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run RoxioDragToDisc quot C Program Files Roxio Easy Media Creator Drag to Disc DrgToDsc exe quot O - HKLM Run RoxWatchTray quot C Program Files Common Files Roxio Shared SharedCOM RoxWatchTray exe quot O - HKLM Run PWRISOVM EXE C Program Files PowerISO PWRISOVM EXEO - HKLM Run AVG Anti-Spyware quot C Program Files Grisoft AVG Anti-Spyware avgas exe quot minimizedO - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osbootO - HKLM Run ArcSoft Connection Service C Progra... Read more

A:Virtumonde, Vundo, Ms Juan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/259684/virtumonde-vundo-ms-juan/
Relevancy 66.65%

I have a PC running McAfee and a few days ago the computer slowed right down and the internet was And Virtumonde Removal Juan Ms virtually useless I scanned the computer and it showed the Ms Juan and Virtumonde I have used MBAM and I think I got rid of the Virtumonde however the Ms Ms Juan And Virtumonde Removal Juan still persists Can anyone help me remove any remaining viruses As instructed here are the kaspersky and dss logs KasperskyCan post if Ms Juan And Virtumonde Removal needed but apparently made this post too long DSS and HijackthisDeckard's System Scanner v Run by Rob amp Esther on - - Computer is in Normal Mode ---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- Ms Juan And Virtumonde Removal - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Removed Google Toolbar for Internet Explorer - - UTC - RP - ComboFix created restore point - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint-- First Restore Point -- - - UTC - RP - System CheckpointBacked up registry hives Performed disk cleanup -- HijackThis run as exe ----------------------------------------Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS system Ati evxx exeC WINDOWS Explorer EXEC PROGRA McAfee MSC mcmscsvc exec program files common files mcafee mna mcnasvc exec PROGRA COMMON mcafee mcproxy mcproxy exeC WINDOWS system RunDll exeC Program Files Mcafee MWL MWLGui exeC Program Files SiteAdvisor SiteAdv exeC Program Files ATI Technologies ATI ACE cli exeC Program Files QuickTime qttask exeC Program Files Java jre bin jusched exeC Program Files McAfee com Agent mcagent exeC Program Files McAfee MPF MPFSrv exeC Program Files dvd dvd tray exeC Program Files Messenger msmsgs exeC WINDOWS system ctfmon exeC Program Files OLYMPUS OLYMPUS Master MMonitor exeC Program Files McAfee MSK MskSrver exeC Program Files SiteAdvisor SAService exeC WINDOWS System svchost exeC Program Files Mcafee MWL MwlSvc exeC Program Files ATI Technologies ATI ACE cli exeC Program Files ATI Technologies ATI ACE cli exeC Program Files Google Common Google Updater GoogleUpdaterService exeC PROGRA McAfee VIRUSS mcsysmon exeC Program Files Google Google Updater GoogleUpdater exec PROGRA mcafee msc mcuimgr exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC PROGRA McAfee VIRUSS mcshield exeC Documents and Settings Rob amp Esther Desktop dss exeC PROGRA TRENDM HIJACK Rob amp Esther exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dllO - BHO no name - FD D- B- FC- - AE - C Program Files SiteAdvisor SiteAdv dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - Toolbar McAfee SiteAdvisor - BF - F - - - FE E AA - C Program Files Si... Read more

A:Ms Juan And Virtumonde Removal

Hello, and welcome to the forum

I'm sorry for the delay, the forums are very busy. If you still need help, please post a new Deckard's System Scanner log and give a description of how your computer is currently running.

http://www.bleepingcomputer.com/forums/t/148796/ms-juan-and-virtumonde-removal/
Relevancy 66.65%

Well, I removed most problems using Malware Byte's Anti-malware tool. Things are almost fine. But about once a day, I start getting those random Internet Explorer Pop-ups again. I run the program again, and two things are found, labeled as traces, in my registry. I'm not sure how to got about permanently removing these. It's more a nuisance than anything, but still, assistance?

A:Traces Of Virtumonde And Xp Antivirus

Please download ATF Cleaner by Atribune & save it to your desktop. alternate download link DO NOT use yet.Please download and install SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)Under the "Configuration and Preferences", click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.

http://www.bleepingcomputer.com/forums/t/168438/traces-of-virtumonde-and-xp-antivirus/
Relevancy 65.79%

Hi Ive been trying to get around this thing on my own for a while now but Im having no luck I have tried MANY types of scans including ComboFix VundoFix SpyBot SUPERAntiSpyware Kaspersky Online and my McAfee No luck with anything Ive tried doing similar routines that other people tried in their topics but had no luck as the files werent exactly the same Here is my HJT log Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Juan Inside, New And Log Help! Virtumonde, Please Downloader. Hjt Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC WINDOWS Explorer EXEI Software Pro Tools Digidesign Drivers MMERefresh exeC Program Files Intel Intel Matrix Storage Manager iaantmon exeC Program Files Maxtor Sync SyncServices exeC Program Files McAfee MBK MBackMonitor exeC Virtumonde, And New Juan Downloader. Hjt Log Inside, Help! Please Program Files Common Files McAfee HackerWatch Virtumonde, And New Juan Downloader. Hjt Log Inside, Help! Please HWAPI exeC PROGRA McAfee MSC mcmscsvc exec PROGRA COMMON mcafee mna mcnasvc exeC PROGRA McAfee VIRUSS mcods exeC PROGRA McAfee MSC mcpromgr exec PROGRA COMMON mcafee mcproxy mcproxy exeC Program Files Intel Virtumonde, And New Juan Downloader. Hjt Log Inside, Help! Please Intel Matrix Storage Manager iaanotif exeC PROGRA McAfee VIRUSS mcshield exeC Program Files Maxtor OneTouch Status maxmenumgr exeC WINDOWS system DeltaIITray exeC WINDOWS System M-AudioTaskBarIcon exeC Program Files Windows Defender MSASCui exeC PROGRA McAfee VIRUSS mcsysmon exeC Program Files Winamp winampa exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEc PROGRA mcafee com agent mcagent exeC Program Files Autodesk ds Max mentalray satellite raysat dsmax server exeC Program Files McAfee MPF MPFSrv exeC PROGRA McAfee MPS mps exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files NVIDIA Corporation nTune nTuneService exeC WINDOWS system nvsvc exeC Program Files McAfee MPS mpsevh exeC Program Files M-Audio Ozone Install ozinst exec Program Files Microsoft SQL Server Shared sqlwriter exeC WINDOWS system svchost exeC Program Files Viewpoint Common ViewpointService exeC WINDOWS system wuauclt exeC WINDOWS System svchost exec PROGRA COMMON mcafee redirsvc redirsvc exeC Program Files Spybot - Search amp Destroy SDShred exeC Program Files Internet Explorer IEXPLORE EXEC WINDOWS system NOTEPAD EXEC Hijackthis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main First Home Page http go microsoft com fwlink LinkId O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run IAAnotif C Program Files Intel Intel Matrix Storage Manager iaanotif exeO - HKLM Run mxomssmenu quot C Program Files Maxtor OneTouch Status maxmenumgr exe quot O - HKLM Run DeltTray DeltTray exeO - HKLM Run DeltaIITaskbarApp C WINDOWS system DeltaIITray exeO - HKLM Run M-Audio Taskbar Icon C WINDOWS Syste... Read more

A:Virtumonde, And New Juan Downloader. Hjt Log Inside, Help! Please

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please go to this page and scroll down to step 6.http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/Follow the directions there to run DSS and then post those logs back here in your next reply.

http://www.bleepingcomputer.com/forums/t/146944/virtumonde-and-new-juan-downloader-hjt-log-inside-help-please/
Relevancy 65.79%

Hi there First I want to say thank you to this website for the clear step by step instructions that it provided for attempting to get rid of the Virtumondo virus I have spent all day following them and I think I have been able to get rid of most of it although I would really appreciate some help in tracking down the Virtumonde Infection- Traces Still Left? problems that still remain Here is a summary of my computer's problems and the steps I took to try and fix them Computer was very slow lots of popups pictures in websites were replaced with strange ads couldn't do Google searches couldn't turn Windows Update on without computer crashing freezing Before coming to this site I ran Spybot which found a whole slew of things that I deleted Then I downloaded SuperAntiSpyware which found the following which I also asked it to fix Adware EbatesMoeMoneyMakerAdware TrackingCookieAdware Vundo Variant RelAdware WebRebatesTrojan Unknown OriginTrojan Vundo-Variant NextGenTrojan Vundo-Variant NextGen-SixTrojan Virtumonde Infection- Still Traces Left? Vundo-Variant Small-GENStill having problems then tried Microsoft's scan but it wouldn't run Tried Symantec's virus scan- caused an IE error wouldn't run Then found this website and did the following Vundo FixVirtumondoBegoneCleaned Temp internet filesDownloaded updated and scanned wih Ad-Aware fixed results until cleanDid another Spybot scan which found Virtumonde prx instances and Virtumonde instances Tried to run Trend Micro Housecall but it kept freezing after mutiple attemptsStinger- found nothingDownloaded personal firewallWindows updatesComputer restarted and Spybot ran automatically at restart and found DoubleClick MediaPlex and WebTrends Live which I asked it to fixMcAfee window popped up and said that a potentially unwanted program was discovered- quot PrcViewer quot - clicked to delete itWhen the Spybot scan was finished I got a pop up box that read quot Error loading c windows system xtrmxtc dll The specified module could not be found quot I said ok and then things seemed to be better than before My home page is Comcast and I did notice that where there is usually an ad there was a portion of the IE error message page I'm pasting the results of my HijackThis scan which I just ran I'm guessing that there still may be remnants of this nasty thing lurking on my computer Thank you so much in advance for any help you might be able to offer Best regards FabienneLogfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC Program Files Sygate SPF smc exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system LEXBCES EXEC WINDOWS system LEXPPS EXEC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files Java j re bin jusched exeC Program Files Common Files InstallShield UpdateService issch exeC WINDOWS ehome ehtray exeC WINDOWS system hkcmd exeC WINDOWS system igfxpers exeC Program Files Common Files AOL ee AOLSoftware exeC Program Files iTunes iTunesHelper exeC Program Files Real RealPlayer RealPlay exeC Program Files McAfee com Agent mcagent exeC WINDOWS system rundll exeC Program Files CyberLink PowerDVD DVDLauncher exeC WINDOWS system ctfmon exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC PROGRA McAfee MSC mcmscsvc exec PROGRA COMMON mcafee mna mcnasvc exeC Program Files Digital Line Detect DLG exec PROGRA COMMON mcafee mcproxy mcproxy exeC PROGRA McAfee VIRUSS mcshield exeC Program Files McAfee MPF MPFSrv exeC WINDOWS system svchost exeC WINDOWS system dllhost exeC WINDOWS eHome ehmsas exeC Program Files iPod bin iPodService exeC WINDOWS system w... Read more

A:Virtumonde Infection- Still Traces Left?

Hello fabienneWelcome to BleepingComputer ========================Before running a new scan let's clean out the temporary folders. Download ATF Cleaner to your Desktop.Double-click ATF-Cleaner.exe to run the program.Click Select All found at the bottom of the list.Click the Empty Selected button.If you use Firefox browser, do this also:Click Firefox at the top and choose Select All from the list.Click the Empty Selected button.NOTE : If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser, do this also:Click Opera at the top and choose Select All from the list.Close ALL Internet browsers (very important).Click the Empty Selected button.NOTE : If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.===========================================Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.Note: You must be logged on to the system with an account that has Administrator privileges to run this program.Close ALL OTHER PROGRAMS.Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).In the Drivers section click on Non-Microsoft.Under Additional Scans click the checkboxes in front of the following items to select them:Reg - BotCheck
File - Additional Folder Scans
FIle - Lop check
File - Purity Scan
Rootkit Search -Yes
Drivers -Non Microsoft
Do not change any other settings.Now click the Run Scan button on the toolbar.Let it run unhindered until it finishes.When the scan is complete Notepad will open with the report file loaded in it.Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it [].If, after posting, the last line is not <End of Report> then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.

http://www.bleepingcomputer.com/forums/t/167899/virtumonde-infection-still-traces-left/
Relevancy 65.36%

I've been having problems with viruses recently so this seemed like the logical place to go I had MS track MS and or system(virtumonde Juan smitfraud?) two major infections of smitfraud and virtumonde I think smitfraud is gone but I'm pretty sure virtumonde is still there because when i run malwarebytes' anti malware i MS Juan and MS track system(virtumonde or smitfraud?) still get Registry Keys Infected HKEY LOCAL MACHINE SOFTWARE Microsoft MS Juan Malware Trace - gt Quarantined MS Juan and MS track system(virtumonde or smitfraud?) and deleted successfully HKEY LOCAL MACHINE SOFTWARE Microsoft MS Track System Trojan Vundo - gt Quarantined and deleted successfully for my registry key infections I've seen ALOT of people have this exact problem but I am not sure if the methods I saw them fix it with will work for me the problem on the computer is pop-ups every so often usually only when i switch websites If I stay at a site for a while the pop-ups stop anyway here is the DDS log--- DDS Version - NTFSx Run by ERIC at on Fri Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV AVG Anti-Virus Free On-access scanning enabled Updated FW Norton AntiVirus enabled FW ZoneAlarm Firewall enabled Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C WINDOWS arservice exe C Program Files Symantec LiveUpdate AluSchedulerSvc exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE svchost exe C WINDOWS system svchost exe -k imgsvc C Program Files Linksys Wireless-G PCI Wireless Network Monitor WLService exe C Program Files Linksys Wireless-G PCI Wireless Network Monitor WMP Gv exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgemc exe C WINDOWS system dllhost exe C WINDOWS system Ati evxx exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C WINDOWS ehome ehtray exe C HP KBD KBD EXE C Program Files Common Files InstallShield UpdateService issch exe C Program Files Java jre bin jusched exe C Documents and Settings ERIC Desktop iTunes iTunesHelper exe C PROGRA AVG AVG avgtray exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C WINDOWS eHome ehmsas exe C Program Files iPod bin iPodService exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Mozilla Firefox firefox exe C Program Files Malwarebytes' Anti-Malware mbam exe C WINDOWS system NOTEPAD EXE C Documents and Settings ERIC Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com uSearch Page hxxp www google com uDefault Search URL hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c amp bd PRESARIO amp pf desktop uSearch Bar hxxp www google com ie mStart Page hxxp ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c amp bd PRESARIO amp pf desktop mSearch Bar hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c amp bd PRESARIO amp pf desktop uInternet Connection Wizard ShellNext hxxp ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c amp bd PRESARIO amp pf desktop uInternet Settings ProxyOverride local uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp www google com ie BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO ce -e ab- a- - c fd b - c windows system pmnlLefC dll BHO... Read more

A:MS Juan and MS track system(virtumonde or smitfraud?)

Hi, ericgarfinkle Welcome. Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**Please, never rename Combofix unless instructed.Close any open browsers.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.If there is no internet connection after running Combofix, then restart your computer to restore back your connection.-----------------------------------------------------------Double click on combofix.exe & follow the prompts.Install the Recovery Console upon request.When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

http://www.bleepingcomputer.com/forums/t/189486/ms-juan-and-ms-track-systemvirtumonde-or-smitfraud/
Relevancy 65.36%

Hello All I have been infected and cannot get rid of it Whenever I run Spybot it will find Virtumonde I fix the problem but it immediately respawns Now when I start up I get a variety of missing dll errors including quot Entry MS Juan Error in C Windows system hfstqcok dll quot quot Microsoft Visual C Runtime Library Buffer Overrun quot errors pop up when Windows Explorer is open and random web pages will open I really appreciate any help Here is my HijackThis log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows MS Virtumonde Juan, dll, Buffer Missing Overrun, XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe MS Juan, Missing dll, Buffer Overrun, Virtumonde C Program MS Juan, Missing dll, Buffer Overrun, Virtumonde Files Intel MS Juan, Missing dll, Buffer Overrun, Virtumonde Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files Symantec AntiVirus SavRoam exe C WINDOWS system svchost exe C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS system CCM CLICOMP RemCtrl Wuser exe C WINDOWS system CCM CcmExec exe C Program Files Intel Wireless Bin ZcfgSvc exe C PROGRA Intel Wireless Bin XConfig exe C Program Files Google ggviewer - exe C WINDOWS system rundll exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Apoint Apoint exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Java jre bin jusched exe C Program Files Apoint Apntex exe C Program Files Picasa PicasaMediaDetector exe C Program Files iTunes iTunesHelper exe C WINDOWS system Rundll exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system rundll exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C Program Files Google Web Accelerator GoogleWebAccWarden exe C Program Files iPod bin iPodService exe C Program Files Google Web Accelerator googlewebaccclient exe C Program Files Internet Explorer iexplore exe C WINDOWS explorer exe C WINDOWS system wuauclt exe C Documents and Settings rm GJRA Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http maps google com maps hl en amp tab wl R - HKLM Software Microsoft Internet Explorer Main Default Page URL http cosaweb R - HKCU Software Microsoft Windows CurrentVersion Internet Settings AutoConfigURL http localhost proxy pac O - Toolbar Google Web Accelerator - DB BFA -A E - E- E A-C D CBF - C Program Files Google Web Accelerator GoogleWebAccToolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run IntelWireless C Program Files Intel Wireless Bin ifrmewrk exe tf Intel PROSet Wireless O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run Apoint C Program Files Apoint Apoint exe O - HKLM Run ccApp quot C Program Files Co... Read more

Relevancy 64.5%

Hi I am a new forum user I had recently been getting a lot of problems with pop-ups and discovered that Virtumonde was the cause it also came partnered with SmitFraud C both of which were very hard to get rid of cant effects - remove of of spyware traces Virtumonde After all removing I believe I have now cured the main part of that virus as all my scans come up clean from virtumonde and Smitfraud C This took a long After effects of removing Virtumonde - cant remove all traces of spyware time and the programs I currently use are - AVG internet security Spybot S amp D Ad-Aware Se and Malware Bytes AM I also ran VundoFix which did not help Running these several times in safe mode seems to have done the trick but I am still left with a reccuring minor spyware Adware problem every time I boot The specific spyware found seems to change upon every scan aswel so i cant narrow it down So i know there must still be a problem and something is acting as a gateway for the spyware Any help on this matter and in analyzing my log file would be muchly appreciated Thanks in advance One last thing I thought I should mention - My computer never came with installation disks and it autoran upon first boot so if anything major happens i am not sure how to reinstall the operating system below is my DDS- DDS Ver - - - NTFSx After effects of removing Virtumonde - cant remove all traces of spyware Run by HP Administrator at on Internet Explorer Microsoft Windows XP Professional GMT AV After effects of removing Virtumonde - cant remove all traces of spyware AVG On-access scanning enabled Updated FW AVG Firewall enabled Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C PROGRA Grisoft AVG avgrssvc exe C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgrssvc exe C PROGRA Grisoft AVG avgemc exe C WINDOWS ehome ehtray exe C windows system hpsysdrv exe C WINDOWS system CTHELPER EXE C WINDOWS system CTSvcCDA EXE C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe c Program Files Common Files LightScribe LSSrvc exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system MsPMSPSv exe C PROGRA Grisoft AVG avgfwsrv exe C WINDOWS system hphmon exe C HP KBD KBD EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Creative SBAudigy ZS DVDAudio CTDVDDet EXE C hp drivers hplsbwatcher lsburnwatcher exe C PROGRA Grisoft AVG avgcc exe C Program Files QuickTime qttask exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files Sony CONNECTAutoUpdate CONNECTAUTrayApp exe C PROGRA Grisoft AVG avgw exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Sony CONNECTAutoUpdate CONNECTAutoUpdate exe C WINDOWS system dllhost exe C WINDOWS eHome ehmsas exe C WINDOWS system rundll exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Windows Live Messenger usnsvc exe C Documents and Settings HP Administrator YOUR-A EE Local Settings Temporary Internet Files Content IE JG HIAPM dds scr Pseudo HJT Report uStart Page hxxp www google com uSearch Page hxxp www google com uDefault Search URL hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN GB amp c Q amp bd pavilion amp pf desktop uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp sourceid ie amp rls com microsoft en-US amp ie utf amp oe utf mDefault Page URL hxxp www google com mStart Page hxxp www google com mSearch Bar hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN GB amp c Q amp bd pavilion amp pf desktop mSearchAssistant hxxp www google com ie BH... Read more

A:After effects of removing Virtumonde - cant remove all traces of spyware

Hello lds120Welcome to BleepingComputer ========================If you are still in need of assistance please post a new dds log.

http://www.bleepingcomputer.com/forums/t/196418/after-effects-of-removing-virtumonde-cant-remove-all-traces-of-spyware/
Relevancy 58.05%

Greetings I have been struggling for over a week to remove a bad infection of what seems to be multiple viruses including Virtumonde Vundo H Rootkit TDSServ MS Juan and MS Track System I had Super Super Anti Spyware at one point as well I have read numerous forums and have followed instructions to run the latest versions of SpyBoy S amp D Adaware / Vundo.H / TDSServ / Vundo MS Virtumonde / MS Track Juan Rootkit Variants: System SuperAntiSpyware MalwareBytes Anti-Spyware and VundoFix While I seemed to get the infection s against the ropes it continues to persist and re-populate itself and others on my PC The PC runs slow I get Firefox pop up windows and my Internet Explorer settings have been dropped to accept all cookies Vundo Variants: MS Juan / MS Track System / Vundo.H / Virtumonde / Rootkit TDSServ even when I change them back to default I was running an older version of Java which I have since uninstalled I have Vundo Variants: MS Juan / MS Track System / Vundo.H / Virtumonde / Rootkit TDSServ downloaded and installed the latest version RSIT HJT Data Report follows Please help me Logfile of random's system information tool written by random random Run by Robert at - - Microsoft Windows XP Home Edition Service Pack System drive C has GB free of GBTotal RAM MB free Logfile of Trend Micro HijackThis v Scan saved at Vundo Variants: MS Juan / MS Track System / Vundo.H / Virtumonde / Rootkit TDSServ PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS Explorer EXEC Program Files Google Google Desktop Search GoogleDesktop exeC Program Files Windows Media Player WMPNSCFG exeC WINDOWS system spoolsv exeC Program Files Webshots WebshotsTray exeC WINDOWS system cisvc exeC WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS System MsPMSPSv exeC Program Files Raxco PerfectDisk PDSched exeC Program Files McAfee MPF MPFSrv exeC WINDOWS system cidaemon exeC Program Files Java jre bin jusched exeC Program Files Java jre bin jqs exeC Program Files Trend Micro HijackThis HijackThis exeC WINDOWS system NOTEPAD EXEC Program Files Internet Explorer iexplore exeC WINDOWS system rundll exeC PROGRA McAfee MSC mcmscsvc exeC PROGRA McAfee VIRUSS mcshield exec PROGRA COMMON mcafee mcproxy mcproxy exeC Program Files McAfee SiteAdvisor McSACore exeC Program Files Java jre bin java exec PROGRA mcafee com agent mcagent exec program files common files mcafee mna mcnasvc exec PROGRA mcafee msc mcshell exeC PROGRA McAfee VIRUSS mcsysmon exeC Documents and Settings Robert Desktop RSIT exeC Program Files Trend Micro HijackThis Robert exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet comR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO no name - CDD A-C F - DA - ED - E A C - C WINDOWS system byXNgeFX dll file missing O - BHO no name - A B - D - F-BDF - FA B D C - C WINDOWS system efcCuTnN dll file missing O - BHO de f a-ee - fa- ad - df b - b -fd - da -af - eea f ed - C WINDOWS system okriov dllO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - BHO McAfee SiteAdvisor BHO - B E -A B - A -B - CD E A FF - c PROGRA mcafee SITEAD mcieplg dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavCli... Read more

A:Vundo Variants: MS Juan / MS Track System / Vundo.H / Virtumonde / Rootkit TDSServ

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREOrange Blossom

http://www.bleepingcomputer.com/forums/t/188393/vundo-variants-ms-juan-ms-track-system-vundoh-virtumonde-rootkit-tdsserv/
Relevancy 43.86%

Hi I ve got the infamous Virtumonde deeply entrenched in my machine and all of the types of RKill in the removal guide posted on this website are being blocked By blocked I mean the program immediately closes followed by an error message saying quot Installation failed quot then it re-opens and kills all other processes instead of killing the processes it s supposed to kill giving another error message against RKill Virtumonde working not for each thing that was killed What can I do I followed the guide and tried all the downloads for RKill but none are working RKill not working against Virtumonde Additional info about the problem RKill not working against Virtumonde Spybot and MSE both don t work MSE won t update scans really really slowly and doesn t remove anything Spybot will scan normally but it won t remove anything When running Spybot I noticed tens of thousands of Virtumonde sci files and more files of a different file type as well as many thousands of keylogger malware and spyware files It s a miracle my machine even RKill not working against Virtumonde runs Few times over the past few weeks the date in the corner of the screen has changed to be a day behind twice now and a few times there have been random freezes Also about a month ago some guy from Egypt accessed my gmail I m not sure if that s a separate thing or if it s from Virtumonde I know very little about computers so apologies in advance if my ignorance or lack of useful info provided above is frustrating OS is Windows bit UPDATE Tried uninstalling Spybot to get the malware remover featured on this site and it said the program was never installed to begin with UPDATE Attempted to install DDS but it wouldn t download even when I clicked on the quot click here quot html I d get GMER but my OS is bit I had the same problem with downloading RKill scr Also I cannot connect to wikihow com at all so I think it s messing with my ability to navigate the web

A:RKill not working against Virtumonde

If you can please run MBAM.Please Download Malwarebytes AKA MBAMUpdate Malwarebytes via the update tab.Run a full scanPlease post the resultsThe log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.If you have trouble getting MBAM to run see post #2 here.http://www.bleepingcomputer.com/forums/topic267354.htmlAlso if you haven't already you should change your email password.

http://www.bleepingcomputer.com/forums/t/460959/rkill-not-working-against-virtumonde/
Relevancy 43.86%

Hi Guys, i need assistance with the HiJack This Log please.
It start out with me finding magicantispy on my PC, i removed it with Vundofix and now i cannot use IE, i however do use Firefox but want the option to use IE when needed.
I can supply a combofix log if required.
Im sure it is some proxy avoidance because it throws up a dns error and dns is working fine.
Thanks in advance for all assistance, have been monitoring this forum and love the work you do.

A:Virtumonde, Magicantispy And Now Ie Not Working?

Welcome to the BleepingComputer HijackThis Logs and Analysis forum cdit My name is Richie and i'll be helping you to fix your problems.Please download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Also post a new Hijackthis log please.Post all replies directly into this topic,not as attachments,thanks.

http://www.bleepingcomputer.com/forums/t/102254/virtumonde-magicantispy-and-now-ie-not-working/
Relevancy 43.43%

Hi and thanks,
I recently started having to use my boyfriends computer and immediately noticed there's some virus's and whatnot on here. Then in the past several days the internet has been acting up, web pages aren't loading, videos arent playing, then they will.

I used Symantec AntiVirus and scanned the computer and found a number of things which it "Quarantined" but I don't think that did much since the internet is still on and off.

The scan found 7 Adware.VirtuMonde files with jibberish exe files in the system32 folder. Symantic windows pop up at random showing these files and says it cannot do anything about them.

Two things: There isn't a 'legitimate' version of WindowsXP so that prevents him from installating security updates; he had and frequently used Soulseek to download music on this computer, but I uninstalled it.

Please help.
 

https://forums.techguy.org/threads/help-with-adware-virtumonde-internet-not-working.825556/
Relevancy 43%

I think someone is tracking me using my IP address. How can I block them or what can I do to stop them if anything?
 

A:Ip Tracker?

Bumping this thread again!
 

https://forums.techguy.org/threads/ip-tracker.573968/
Relevancy 43%

I have an hp mini 5103- how do I turn off the gps tracking thingie?
 

Relevancy 42.14%

I am running windows vista. I have ran multiple different virus scans and spyware/malware scans and still have this "piece of paper image" that shadows my cursor every so often. (picture attached). It happens mainly on facebook. I do not play any games, etc and I keep my virus scanner up to date etc. I am thinking it is some kind of tracker????? but I ran rootkit scanners and it didnt solve my problem. Please help. Thanks.

A:Tracker? Virus?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.To attach a file select the "More Reply Option" and follow the instructions.Let me know what problem persists.

http://www.bleepingcomputer.com/forums/t/540477/tracker-virus/
Relevancy 42.14%

something called pest trap installed on my Tracker Pest computer without my consent and i can't uninstall it adaware finds something but locks up when i try to delete it here is my log thanksLogfile of HijackThis v Scan saved at PM on Platform Windows SE Win x Pest Tracker A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLLC WINDOWS SYSTEM MSGSRV EXEC WINDOWS SYSTEM MPREXE EXEC WINDOWS SYSTEM MSTASK EXEC WINDOWS SYSTEM mmtask tskC WINDOWS EXPLORER EXEC WINDOWS TASKMON EXEC WINDOWS SYSTEM SYSTRAY EXEC WINDOWS SYSTEM PRPCUI EXEC WINDOWS SYSTEM ATI PLAB EXEC WINDOWS SYSTEM ATIPTAAB EXEC WINDOWS Pest Tracker SYSTEM ATI CWXX EXEC PROGRAM FILES SYNAPTICS SYNTP SYNTPLPR EXEC PROGRAM FILES SYNAPTICS SYNTP SYNTPENH EXEC WINSTALL EXEC PROGRAM FILES SMC SMCWCB-G WLAN CARDBUS MONITOR EXEC WINDOWS SYSTEM WMIEXE EXEC MY DOCUMENTS HIJACKTHIS EXER - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCXO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCXO - HKLM Run ScanRegistry C WINDOWS scanregw exe autorunO - HKLM Run TaskMonitor C WINDOWS taskmon exeO - HKLM Run SystemTray SysTray ExeO - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrSchemeO - HKLM Run PRPCMonitor PRPCUI exeO - HKLM Run ATIPOLAB ati plab exeO - HKLM Run AtiPTA Atiptaab exeO - HKLM Run Ati cwxx Ati cwxx exeO - HKLM Run AtiGart c Ati Gart AtiGart exeO - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exeO - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exeO - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrSchemeO - HKLM RunServices SchedulingAgent mstask exeO - HKCU Run Windows installer C winstall exeO - Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXEO - Startup SMCWCB-G WLAN Cardbus lnk C Program Files SMC SMCWCB-G WLAN Cardbus Monitor exeO - Extra button Related - c fe - f d- d -a b- aa c a - C WINDOWS web related htmO - Extra 'Tools' menuitem Show amp Related Links - c fe - f d- d -a b- aa c a - C WINDOWS web related htmO - Plugin for spop C PROGRA INTERN Plugins NPDocBox dll

A:Pest Tracker

Hi,The forums are really busy, that explains why logs get behind. If you still need some help, please start with posting a new hijackthislog in this thread. Don't start with a new thread.Then I'll take a look. Also, please start with installing an antivirus and firewall as well, because it doesn't make any sense that we try to clean this up if nothing is preventing malware getting reinstalled again.AVG, Avira OR Avast are good FREE antivirus.Never install more than one antivirusscanner or firewall on your system! Several together can give problems and decrease the reliability of it seriously!Zonealarm, Agnitum Outpost Free OR Kerio are FREE firewalls. Understanding and using firewallsPerform a full scan with your antivirus and let it delete everything it is finding.Then post a new hijackthislog.

http://www.bleepingcomputer.com/forums/t/55514/pest-tracker/
Relevancy 42.14%

Hi,sorry for multi-posting,i did not realise that messages cannot be deleted, this is the actual post for my problem(ignore other posts by me). I received a few friend requests from an official well known chat group. These requests are being send through by its official site to my hotmail.However there are notices that pop ups when i clik accept the friend requests.These notices seek for my permission to allow access to my DNS,keyboard and mouse. I do not know whether my computer is infected. I need help in removing these tracking programs juz to make sure the information in my computer is safe.Thanks

http://www.techsupportforum.com/forums/f284/help-in-removing-dns-tracker-496721.html
Relevancy 42.14%

There are lots of Fitness Band or you can Say Fitness tracker in the market but Can you plz tell me the best Fitness Band ?
1. Fitbit Surge
2. Apple
3. Microsoft Band
4. Epson Runsense / Pulsense
5. Basis Peak
6. Mio
7. Jawbone up3
8. Asus Vivowatch
9. Misfit
10. Actofit
11. Other

A:Which is the best Fitness Tracker?

This thread has been moved to an appropriate forum...
As per this advice: Who Should Post in Ask a Question? WC members are free to post in all areas of the board. Please use Ask a Question only for time critical help issues that affect the immediate functionality of your device.

http://forums.windowscentral.com/smartwatches/445588-best-fitness-tracker.html
Relevancy 42.14%

ok im constantly getting pop up and they are all coresponding to whatever im typing at the time say me help please odd ups tracker pop and things, other im looking for a car on craigslist car insurance or mantanace cites pop up and again tracker pop ups and other odd things, help me please i typed in mountain dew and tracker pop ups and other odd things, help me please a mountain dew pop up came up i also get a c WINDOWS tracker pop ups and other odd things, help me please Holmes exe message message once in a while it s driving me crazy please someone help me included is my hijack this scan Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C Program Files M-Audio Fast Track USB MAUSBFTInst exe C Program Files Softex OmniPass Omniserv exe C WINDOWS system HPZipm exe C Program Files Softex OmniPass OPXPApp exe C WINDOWS System svchost exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C WINDOWS Explorer EXE C WINDOWS System igfxtray exe C WINDOWS System hkcmd exe C WINDOWS System igfxtray exe C WINDOWS System hkcmd exe C WINDOWS system sol exe C WINDOWS System hphmon exe C WINDOWS System hphmon exe C WINDOWS LTMSG exe C WINDOWS ALCXMNTR EXE C WINDOWS System M-AudioTaskBarIcon exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Logitech SetPoint KEM exe C Program Files Logitech SetPoint KHALMNPR EXE C Program Files SBC Self Support Tool bin mpbtn exe C WINDOWS system wuauclt exe C Program Files Mozilla Firefox firefox exe C Program Files HP Digital Imaging bin hpqgalry exe C Documents and Settings Kim Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Start Page http att yahoo com O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - EEE E - - E - - CC E - C WINDOWS system cdmdownld eyornvfqrw dll file missing O - BHO no name - CD - EFE- E -AECA- A EAFEFFBC - C WINDOWS system ddlwm dll file missing O - BHO no name - B CA - A - D -A DF- BB - no file O - BHO no name - E B -D C- BE - -DEB FF - C Program Files Internet Explorer metocodoqC WINDOWS system vt tycodllz exe dll file missing O - BHO no name - E A -E - - - DF C C - C WINDOWS system ddcddcc dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar HP View - B E - D D- DEB- B - D BCF F - C Program Files HP Digital Imaging bin HPDTLK dll O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run CamMonitor c Program Files HP Digital Imaging Unload hpqcmon exe O - HKLM Run HPHUPD c Program Files HP B B-DCAB- - EE - F hphupd exe O - HKLM Run HPHmon C WINDOWS System hphmon exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run AutoTKit C hp bin AUTOTKIT EXE O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run VTTimer VTTimer exe O - HKLM Run LTMSG LTMSG exe O - HKLM Run AlcxMonitor ALCXMNTR EXE O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run Netscape C Program Files Common Files ISPCOMP InstallService exe O - HKLM Run HP Software Update quot C Program Files HP HP Software Update HPWuSchd exe quot O - HKLM Run nwiz nwiz exe installquiet keeploaded nodetect O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKL... Read more

A:tracker pop ups and other odd things, help me please

i just ran spybot search and destroy and it solved half the problem, i still get pop ups, but they're blank, it just opens a blank browser window with no addy, it also said i had wild tangent, which i had a problem with on my last computer, but i think it fixed it.
here is my new hijack this log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:53:06 PM, on 1/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\M-Audio\Fast Track USB\MAUSBFTInst.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxtray .exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\hkcmd .exe
C:\WINDOWS\System32\hphmon05 .exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kim\Desktop\hijack this and other spyware stuff\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0EEE9E78-5204-0E18-0778-4CC620930E82} - C:\WINDOWS\system32\cdmdownld\eyornvfqrw.dll (file missing)
O2 - BHO: (no name) - {124CD448-4EFE-6E08-AECA-61A3EAFEFFBC} - C:\WINDOWS\system32\ddlwm.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {E1136B38-D27C-4BE5-9339-DEB3861841FF} - C:\Program Files\Internet Explorer\metocodoqC:\WINDOWS\system32\vt8\tycodllz83122.exe.dll (file missing)
O2 - BHO: (no name) - {E1759A31-E627-4758-9562-6899DF36C9C2} - C:\WINDOWS\system32\ddcddcc.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 ... Read more

https://forums.techguy.org/threads/tracker-pop-ups-and-other-odd-things-help-me-please.671575/
Relevancy 42.14%

Hi there,
Does anyone know how to remove this dam things I seem to get more and more when I scan and they dont go when I press fix on Norton Internet 2007

Many Thanks
 

https://forums.techguy.org/threads/tracker-cookie.691543/
Relevancy 42.14%

NEED E-MAIL TRACKERI'm looking for a FREE site that can track e-mail activity . I don't mean tracking it's ip location in header
or what not , but tracking it's activity as to what sites it's registered , to apart from face book.
I need a FREE site that can give me a list of all or most sites , that the e-mail is registered on .

A:NEED E-MAIL TRACKER

I do not believe this possible...

http://www.bleepingcomputer.com/forums/t/543041/need-e-mail-tracker/
Relevancy 42.14%

I am looking for a Laptop Tracker. there has been many breakin's recently in my area, so I want to get some sort of Tracker for my Laptop, be it hardware or Sodtware. Its strange that they've never put these in Laptops. Could wipe out 90% of Laptop thefts. So I seen a few software, not convinced they any use, because they need to get past windows Security first, so is there any software that will work on load up or is there any Hardware you can get that you can hardware that can be clipped to or hidden in a Laptop that could give out a GPRS signal or Location of a Laptop?

http://h30434.www3.hp.com/t5/Notebook-Software-and-How-To-Questions/Laptop-Tracker/td-p/5791919
Relevancy 42.14%

When I'm searching for something on Google and i try to go to the link, it always redirect to search tracker.net Done a search and read to download Malwarebytes, so I downloaded it and change the name from mbam-setup.exe but still wont run. Have no idea what I am doing.
Thanks Eric

A:search-tracker.net

Please download SmitfraudFixDouble-click SmitfraudFix.exeSelect option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).Please copy/paste the content of that report into your next reply.Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htm

http://www.bleepingcomputer.com/forums/t/238477/search-trackernet/
Relevancy 42.14%

I feel that someone is monitoring me I have a couple of emails address that I can not log into from yahoo I was wondering if there is some type of software that can track someone tracking tracker monitioring my computer For example win-spy is a monitoring spyware that allows the remote tracking tracker user into your computer when you are online It has keylogging snapshots email tracking and other things for a person to track you For now I have keylogg hunter and spy cop installed on my computer But win-spy states it can stop anti-spyware What can I do I am just average user HIJACJTHIS LOG Logfile of HijackThis v Scan saved at tracking tracker AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C tracking tracker WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system winlogon exe C WINDOWS Explorer EXE C WINDOWS system rundll exe C Program Files CA eTrust Internet Security Suite caissdt exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe C WINDOWS System spool DRIVERS W X LMPDPSRV EXE C Program Files Common Files AOL ee AOLSoftware exe C Program Files Messenger msmsgs exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files Lexmark X LEX SU exe C Program Files Keylogger Hunter KeyloggerHunter exe C DOCUME David LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run CaISSDT quot C Program Files CA eTrust Internet Security Suite caissdt exe quot O - HKLM Run CaAvTray quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe quot O - HKLM Run CAVRID quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe quot O - HKLM Run LMPDPSRV C WINDOWS System spool DRIVERS W X LMPDPSRV EXE O - HKLM Run HostManager C Program Files Common Files AOL ee AOLSoftware exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Startup Keylogger Hunter lnk C Program Files Keylogger Hunter KeyloggerHunter exe O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Global Startup Lexmark X Settings Utility lnk C Program Files Lexmark X LEX SU exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF A E - F C- DD -ADE - FAB ctlProductChecker ProductChecker - http bcontractors safeguardpropert uctChecker cab O - DPF AB CE -AC F- F- -D ABCA EC Get ActiveX Control - https h www hp com ewfrf-JAV oadManager ocx O - Service CAISafe - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus ISafe exe O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service VET Message Service VETMSGNT - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrus... Read more

A:tracking tracker

Download WinPFInd http://www.bleepingcomputer.com/file...r/WinPFind.zip and extract it to your C:\ folder. This will create a folder called WinPFind in the C:\ folder.

Download Track qoo http://www.geekstogo.com/downloads/Trackqoo.zip
Save it somewhere you will remember like the Desktop. Unzip the Track qoo.vbs inside to your desktop. DO NOT run it yet!

Reboot into Safe Mode
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.!


Inside C:\WinPFind is a file called WinPFind.exe. Double-click on this file to launch the program. Once it is launched, click on the Start Scan button and wait for it to finish. This program will scan large amounts of files on your computer for known patterns so please be patient while it works as it can take a while, upwards to 30 minutes or more.! Once the Scan is Complete it will make a txt file (log) of what was found.

1. Go to the WinPFind folder
2. Locate WinPFind.txt
3. Please post those results in your next post!

REBOOT to normal mode.

Double Click on "Track qoo.vbs"

Note - If you Antivirus has Script Blocking, you will get a Pop Up Windows asking you what to do. Allow this Entire Script to Run, its harmless!

Wait a few seconds and a notepad page will pop up, Copy & Paste those results and place them in the next post along with the results of WinPFind!

So I need the following tool logs..

WinPFind.txt log
Track qoo.vbs log

http://www.techsupportforum.com/forums/f284/tracking-tracker-89396.html
Relevancy 42.14%

Need a software which can record files and folders accessed recently....
(other than the windows recently accessed programs/documents)..

A:Need an activity tracker

This might work:

Recent Files Shell Extension

A Guy

http://www.sevenforums.com/software/147383-need-activity-tracker.html
Relevancy 42.14%

This seems liek a useful app, but i've never heard of it.. so i thought i would come over here and see if it is legit.

http://www.versiontracker.com/subsc...nt=leftnavlink&utm_campaign=windows+vt+pro+lp
 

https://forums.techguy.org/threads/version-tracker-pro-has-anyone-used-this-before.410117/
Relevancy 42.14%

I have a very bad time trying to keep track of my clothes, and I have lost several brand new jackets in the past couple weeks. I looked online and couldn't find anything, so I was woundering if anybody knows any good small fairly cheap gps tracker I could attach to my jackets.

I know this probably isn't the right forum for this,

A:GPS Tracker for Clothes

Just get a Tile - https://www.thetileapp.com/

http://www.techist.com/forums/f78/gps-tracker-clothes-277636/
Relevancy 42.14%

Hello everyone VERY IMPORTANT NOTE DO NOT CLICK ON THE LINK WITHIN THE QUOTED AREA I have an ongoing problem with emails coming in that look like this in the body lt html gt lt font size gt Hello dear lt p gt I feel bad about forgetting to reply in regard to the question lt p gt regarding no-charge infos lt p gt since your address was -or so they tell me- mis-spelled lt p gt Please go to the following web page of the no-charge info ops lt p gt Don t doubt it lt p gt lt font size color quot red quot gt go to this site lt p gt Spyware What??????? Or Tracker Or lt html gt http rd yahoo com tufwflsnbyjfjab wpbbqrxjxequcnfksonkxpwcsaosyuqdgugyhovtfabyp lt html gt lt font gt lt font size color quot black quot gt lt p gt Regards lt p gt Sara Gonzales lt font color quot white quot gt grinder with his wheel two guardsmen who were flirting with a nurse-girl and severalcomme un foret perce un tonneau Le musee de la Faculte de pull She was there in an instant and I caught a glimpse of it as she half-drew it out Mais sa science s arretait la Classer weapon which will always secure me from any steps which he might take in the future Iet s eloigner des continents ou des ilesClick to expand The sender and subject is ALWAYS DIFFERENT each time but the body of the message is ALWAYS garbled and makes no sense a collection of unrelated words actually this one makes more sense than most of them they do seem to have XXX related matter in them alot of times How can I get rid of them or what I mean I am all protected up I have Adaware and Spybot Search and Destroy SpywareBlaster amp Spywareguard Noton Antivirus and all that good stuff and these always keep coming in even after I do scans and nothing is found Anyone else know anything about these or have any idea about them Stumped nbsp

A:Spyware Or Tracker Or What???????

None of your programs(Adaware; and Spybot Search and Destroy; SpywareBlaster & Spywareguard) will have any effect on you recievingthese e-mails.
Are they all coming from the same source?....I mean the same mail sever?
Mailwasher should help....you get the option to bounce the e-mails back to the source as if it has hit a non existant e-mail addy so theoretically should not be sent again.
http://www.mailwasher.net/

 

https://forums.techguy.org/threads/spyware-or-tracker-or-what.178727/
Relevancy 42.14%

Besides these two I also seem to have Elite toolbar and Sasser last nite as well I have done spybot Adaware Adaware is coming up clean Spybot cannot seem to finish quarantining the files found above I am on different machine currently Sex Adaware and A Tracker as my IE cannot work I'm not even running IE and I'm getting popups sounds like Elite is back ARRRRGHHHH Please review HJT Sex Tracker and A Adaware Log and give me some help pleeeeaaase I'm in China on business and Laptop is my only link to work etc Logfile of Sex Tracker and A Adaware HijackThis v Scan saved at AM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes Sex Tracker and A Adaware C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System Ati evxx exe C PROGRA SYMANT SYMANT DefWatch exe C WINNT System svchost exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C PROGRA SYMANT SYMANT Rtvscan exe C WINNT system regsvc exe C WINNT system MSTask exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT system userinit exe C WINNT system Atiptaxx exe C PROGRA SYMANT SYMANT vptray exe C WINNT system ctfmon exe C Program Files EarthLink TotalAccess TaskPanl exe C WINNT DvzCommon DvzMsgr exe C Program Files WinZip WZQKPICK EXE C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe C Program Files Palm HOTSYNC EXE C WINNT explorer exe C Program Files Microsoft Office Office WINWORD EXE C WINNT system cmd exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http start earthlink net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www earthlink net partner mor on search html R - HKCU Software Microsoft Internet Explorer Main Search Bar http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Search Page http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www earthlink net partner mor on search html F - REG system ini UserInit userinit exe userinit exe O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run vptray C PROGRA SYMANT SYMANT vptray exe O - HKCU Run ctfmon exe ctfmon exe O - HKCU Run E TaskPanel quot C Program Files EarthLink TotalAccess TaskPanl exe quot -winstart O - Startup HotSync Manager lnk C Program Files Palm HOTSYNC EXE O - Global Startup Dataviz Messenger lnk C WINNT DvzCommon DvzMsgr exe O - Global Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPICK EXE O - Global Startup Wireless-B Notebook Adapter Utility lnk C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF BAC - DD- - D- A E D A Yahoo Photos Easy Upload Tool Class - http us dl yimg com download yaho opper us cab O - DPF E E E - AA - D -ABA - AA C GpcContainer Class - https partminer webex com client v ex ieatgpc cab O - Service Ati HotKey Poller - Unknown owner - C WINNT System Ati evxx exe O - Service CWShredder Service - Unknown owner - D CWShredder exe file missing O - Service DefWatch - Symantec Corporation - C PROGRA SYMANT SYMANT DefWatch exe O - Service Logical Disk Manager Administrative Service dmadmin - VERITAS Software Corp - C WINNT System dmadmin exe O - Service Symantec AntiVirus Client Norton AntiVirus Server - Symantec Corporation - C PROGRA SYMANT SYMANT Rtvscan exe O - Service Remote Administrator Service r server - Unknown owner - C WINNT system r server exe qu... Read more

A:Sex Tracker and A Adaware

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro http://uk.trendmicro-europe.com/ente...all_launch.php. Just follow the instructions on the site to run the online scan. If any viruses/trojans are detected, try to delete or clean them in that site. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Go to Start->Run and type in services.msc and hit OK. Then look for Remote Administrator Service (r_server) and double click on it. Click on the Stop button and under Startup type, choose Disabled.

Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\WINNT\system32\userinit32.exe

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
F2 - REG:system.ini: UserInit=userinit.exe,userinit32.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINNT\system32\userinit32.exe - delete the file exactly as shown here
C:\WINNT\system32\r_server.exe

Reboot into Normal Mode and run new HijackThis scan. If there were some entries that didn't show up in Safe Mode, you may check and fix those that appear now in normal mode (if you do that, make sure to run a new scan again). Save the log file and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in the forum.

http://www.techsupportforum.com/forums/f100/sex-tracker-and-a-adaware-49119.html
Relevancy 42.14%

There are lots of Fitness Band or you can Say Fitness tracker in the market but Can you plz tell me the best Fitness Band ?
1. Fitbit Surge
2. Apple
3. Microsoft Band
4. Epson Runsense / Pulsense
5. Basis Peak
6. Mio
7. Jawbone up3
8. Asus Vivowatch
9. Misfit
10. Actofit
11. Other

http://forums.windowscentral.com/ask-question/445588-best-fitness-tracker.html
Relevancy 42.14%

how can i find a tracker for a torrent ? i really don't understand this,
 

A:how to find tracker ??

We don't help with P2P or torrenting stuff since it's primary use is illegal.
 

https://forums.techguy.org/threads/how-to-find-tracker.640276/
Relevancy 42.14%

I think my wife may be cheating on me and I want to record her aol messenger conversations without her knowing. Also, is there any software that would record any of the sites she has logged in, while showing the password she used and username/email account?

thanks. need help please.
 

A:aim logger/ tracker

Hi, Sorry, TechGuy.org does not assist with using keyloggers, or AIM loggers, we have no way to verify the situation, hope you understand.

Nine times out of ten you will make the situation worse- logging software can be detected. Things can get out of hand, and we cannot be part of something like this.

Closing thread.
 

https://forums.techguy.org/threads/aim-logger-tracker.649948/
Relevancy 42.14%

I use Firefox as my web browser. It updated itself to version 3.0.4 the other day. Having done so it warned me that my version of sotfone tracker was not compatible with the latest version of Firefox. I contacted Firefox and they pointed me in the direction of bleepingcomputer.com. I did a full scan using my KIS 2009 AV suite and nothing was reported as a problem. Then I contacted Kaspersky and they just want me to send them a screen dump of the Firefox message which I can't do until the next update (according to Firefox). Having Googled sotfone tracker I suspect that it is a Trojan of some kind.

How do I get rid of it? I am very much a novice at this so if you can help me please lead me gently through the maze.

A:Sotfone Tracker

Welcome to BC.Please download Malwarebytes Anti-Malware and save it to your desktop.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.

http://www.bleepingcomputer.com/forums/t/180676/sotfone-tracker/
Relevancy 42.14%

Help!

I don't know if anyone can help me but I am trying to locate a supplier in the UK for a Logitech Trackman Marble+ mouse.

I have found loads of US sites selling it but none in the UK.

Any help would be appreciated

Thanks
jampot.
 

Relevancy 42.14%

I have a law office and think my system may have been hacked by a competor or Im just psychotic. Either way thought I'd look into the above question and see what the smart folks thoughts were and at worst maybe kick this old dog of a computer back in gear and make it worth using again. SO assuming I was hacked I tried first to rid the eval bug but evil malware instead - cheap bastard that I am - then I figured hey I'll just learn programing cause I got such a good grade when I took BASIC in 1983 should be no sweat. Fools rush in they say. ANyway had the benefit of at least taking my brain off idle and getting me intrested in something again. Therefore, if theres a Guru out there willing to put me through the paces it'd be appreciated.

Mike

http://www.bleepingcomputer.com/forums/t/300217/hacker-tracker/
Relevancy 42.14%

I had "pest tracker" appear on my computer and has been acting strange ever since. I have deleted the program, run AVG rootkit, spyware and virus check several times since and am still not right, the spyware will only run in safe mode. I am running Windows XP and the users show having administraor rights but when I go to do any administrative tasks I am blocked. I have noticed that all of my 'KB....' files in windows were created about 2 weeks ago in the middle of the night and there are matching hidden '$KB...uninstall' folders created at the same time.

A:Pest Tracker

Please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. If you can't perform a step, then skip and continue with the next. In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install HJT in the proper location.) If HijackThis will not run, try renaming it. Open the HijackThis Folder, right-click on the HijackThis.exe file and rename it Scanner.exe. Double-click on Scanner.exe (which is still HijackThis) and then run your scan. If needed, change the .exe to something else such as .bat, .com, .pif, or .scr. Example: Scanner.bat or Scanner.comWhen you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day. Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, we would appreciate if you post a link to your log back here so we know that your getting help from the HJT Team.Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

http://www.bleepingcomputer.com/forums/t/111669/pest-tracker/
Relevancy 42.14%

Hello Hope You guys can help I have ran Malwarebyte Spybot McAfee and still having passwords changed Also made the Attach and the DDS files but could not run RootRepeal keeps locking up the computer Its a Alienware Keylogger/tracker Possible computer running Possible Keylogger/tracker windows XP Any help would be greatly appericated Thanks John TendaDDS Ver - - - NTFSx Run by Owner at on Tue Internet Explorer Microsoft Windows XP Professional GMT - AV McAfee VirusScan On-access scanning enabled Updated B EE - - CDE-A A-DD BA FAD FW McAfee Personal Firewall enabled B - C F- -BDA - CA DA E Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS System svchost exe -k netsvcssvchost exesvchost exeC Program Files Lavasoft Ad-Aware AAWService exeC WINDOWS system spoolsv exesvchost exeC Program Files Possible Keylogger/tracker Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC Program Files Bigfoot Networks Killer Driver PortManager exeC PROGRA McAfee MSC mcmscsvc exec PROGRA COMMON mcafee mna mcnasvc exec PROGRA COMMON mcafee mcproxy mcproxy exeC Program Files McAfee MPF MPFSrv exeC WINDOWS Explorer EXEc PROGRA mcafee com agent mcagent exeC Program Files NVIDIA Corporation nTune nTuneService exeC WINDOWS system nvsvc exec Program Files Microsoft SQL Server Shared sqlwriter exesvchost exeC WINDOWS system svchost exe -k imgsvcC WINDOWS ehome ehtray exeC WINDOWS RTHDCPL EXEC Program Files CyberLink PowerDVD PDVDServ exeC WINDOWS system RUNDLL EXEC WINDOWS system ctfmon exeC Program Files Bigfoot Networks Killer Driver KillerTray exeC Program Files Logitech SetPoint SetPoint exeC Program Files Logitech SetPoint II SetpointII exeC Program Files Common Files Logishrd KHAL KHALMNPR EXEC WINDOWS system dllhost exeC WINDOWS System svchost exe -k HTTPFilterC WINDOWS eHome ehmsas exeC Program Files Lavasoft Ad-Aware AAWTray exeC PROGRA McAfee VIRUSS mcsysmon exeC PROGRA McAfee VIRUSS mcshield exeC Program Files McAfee MBK McAfeeDataBackup exeC Program Files Trend Micro HijackThis HijackThis exeC Program Files Mozilla Firefox firefox exeC Documents and Settings Owner My Documents Downloads dds scr Pseudo HJT Report mSearchAssistant hxxp www google com iemURLSearchHooks H - No FileBHO AcroIEHlprObj Class e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dllBHO AVG Safe Search ca f - f e- b -a e- e e c c - c program files avg avg avgssie dllBHO Spybot-S amp D IE Protection - f - d - - d f - c program files spybot - search amp destroy SDHelper dllBHO scriptproxy db d a - - e -b d- f c - c program files mcafee virusscan scriptsn dllBHO Windows Live Toolbar Helper bdbd dad-c - a -adc - b b ff d - c program files windows live toolbar msntb dllBHO x - No FileTB CCC A -B CA- -B A - F DD - No FileTB Windows Live Toolbar bdad dad-c - a -adc - b b ff d - c program files windows live toolbar msntb dllTB A A -BACC- D - - A E E - No FileTB D C F- A- -A AD- D - No FileuRun NVIDIA nTune quot c program files nvidia corporation ntune nTuneCmd exe quot clearuRun ctfmon exe c windows system ctfmon exemRun ehTray c windows ehome ehtray exemRun RTHDCPL RTHDCPL EXEmRun Alcmtr ALCMTR EXEmRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartupmRun nwiz nwiz exe installmRun RemoteControl quot c program files cyberlink powerdvd PDVDServ exe quot mRun LanguageShortcut quot c program files cyberlink powerdvd language Language exe quot mRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInitmRun Kernel and Hardware Abstraction Layer KHALMNPR EXEmRun mcagent exe quot c program files mcafee com agent mcagent exe quot runkeymRun McAfee Backup quot c program files mcafee mbk McAfeeDataBackup exe quot mRun Malwarebytes Anti-Malware reboot quot c program files malwarebytes' anti-malware mbam exe quot runcleanupscriptStartupFolder c docume alluse startm programs startup launch lnk - c prog... Read more

A:Possible Keylogger/tracker

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREElle

http://www.bleepingcomputer.com/forums/t/280790/possible-keyloggertracker/
Relevancy 42.14%

Hi, I was wondering if any has heard of a facebook tracker that allows you to see what people have viewed your profile, and if it is out there what are the steps to get it? thanks.

Keith

A:Facebook Tracker

im almost 100% sure there is no such thing. you might be able to see the ips of the people but i dont htink so.

http://www.techsupportforum.com/forums/f10/facebook-tracker-137791.html
Relevancy 42.14%

Hi All

I had a very good working Gmail tracker that I had used for several weeks, and I had to do a recover and it deleted the program on me. I remember it's title was a very short one, and it worked great and it was a freebie. I think I picked up on it through Cnet or one of the other newsletters I get.

I have looked all through my program files, downloads, etc and It is gone. I can find plenty of notifiers out there but I am wanting a program theat lets you know when the person you are sending an e-mail to receives it.

So if anyone knows of one, either a freebie or a pay one let me know about it. I appreciate it.

Thanx......Gunny

A:Gmail tracker

Does GMail have an option for a return receipt?

http://www.bleepingcomputer.com/forums/t/450781/gmail-tracker/
Relevancy 41.71%

I had quot pest tracker quot appear on my computer and has been acting strange ever since I have deleted the program and am still not right I am running Windows XP and screen saver and desktops are not acting like they are set I have noticed that all of my 'KB ' files in windows were created about weeks ago in the middle of the night and there Infection Pest Tracker are matching hidden ' KB uninstall' folders created at the same time Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Sygate SPF smc exeC WINDOWS system spoolsv exeC Program Files Grisoft AVG Anti-Spyware guard exeC PROGRA Grisoft AVG avgamsvr exeC PROGRA Grisoft AVG avgupsvc exeC PROGRA Grisoft AVG avgemc exeC WINDOWS system HPZipm exeC WINDOWS system svchost exeC WINDOWS Explorer EXEC WINDOWS SYSTEM USRmlnkA exeC Program Files Common Files Real Update OB realsched Pest Tracker Infection exeC PROGRA Grisoft AVG avgcc exeC WINDOWS Pest Tracker Infection SYSTEM USRshutA exeC WINDOWS SYSTEM USRmlnkA exeC Program Files Grisoft AVG Anti-Spyware avgas exeC Program Files Java jre bin jusched exeC Program Files Messenger msmsgs exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files Pest Tracker Infection Spybot - Search amp Destroy TeaTimer exeC Program Files Common Files Microsoft Shared Works Shared wkcalrem exeC Program Files BackWeb BackWeb Program backweb exeC Program Files Greetings Workshop Gwremind exeC Program Files HP Digital Imaging bin hpqtra exeC WINDOWS system ntvdm exeC Program Files TrueSwitchAT amp TYahoo TrueWizard exeC PROGRAM FILES BACKWEB BACKWEB PROGRAM FREXT EXEC Program Files HP Digital Imaging bin hpqgalry exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC Program Files Common Files Real Update OB rnathchk exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC WINDOWS system wuauclt exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www att net R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize rch search htmlR - HKLM Software Microsoft Internet Explorer Main Local Page c windows SYSTEM blank htmO - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLLO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER DLLO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLLO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS system msdxm ocxO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run USRpdA C WINDOWS SYSTEM USRmlnkA exe RunServices Device cpipe-USRpdAO - HKLM Run SystemTray SysTray ExeO - HKLM Run McAfeeWebScanX C PROGRAM FILES NETWORK ASSOCIATES MCAFEE VIRUSSCAN WebScanX ExeO - HKLM Run TkBellExe C Program Files Common Files Real Update OB realsched exe -osbootO - HKLM Run PRISMSVR EXE quot C WINDOWS system PRISMSVR EXE quot APPLYO - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUPO - HKLM Run AVG Anti-Spyware quot C Program Files Grisoft AVG Anti-Spyware avgas exe quot minimizedO - HKLM Run SmcService C PROGRA Sygate SPF smc exe -startguiO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - H... Read more

A:Pest Tracker Infection

Print out these instructions and then close all windows including Internet Explorer.Then I want you to fix some of those entries. Please do the following:Please make sure that you can view all hidden files. Instructions on how to do this can be found here:How to see hidden files in WindowsRun Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button:O16 - DPF: {10000000-1000-0000-1000-000000000000} - mhtml:file://C:\ARCHIVE.MHT!http://64.124.210.159//alla/server.exeO16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cabO16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cabO16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cabO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exeO21 - SSODL: systemp - {FB2CD720-F640-11D9-A2DD-444553540000} - systemp.dll (file missing)Reboot your computer into Safe ModeThen delete these files or directories (Do not be concerned if they do not exist)C:\ARCHIVE.MHTc:\eied_s7.cabc:\ex.cabc:\ex.cabC:\Windows\System32\systemp.dll Reboot your computer to go back to normal mode.Then do the following:Download Combofix to your desktop.

Doubleclick combofix.exe

Follow the prompts.Don't click on the window while the fix is running, because that will cause your system to hang.When finished, and after reboot if it asks for one, combofix will open again to gather the necessary information for the log. This may take a while so please be patient. When done, Combofix will close and a log should open called combofix.txt. Post the contents of this log in your next reply along with a new hijackthislog.Please do not post the ComboFix-quarantined-files.txt unless I ask you to.

http://www.bleepingcomputer.com/forums/t/112308/pest-tracker-infection/
Relevancy 41.71%

Hi,

Need help on this. I'm trying to somewhat automate this report using macro (hopefully). The attached file has 2 sheets.

- 1st sheet Input shows the data extracted from sharepoint2003. BTW, I'm using Excel2007. As you may see, Columns B, C, D and E are combined in one cell.
- 2nd sheet Output is what I need the outcome to be.
Thanks,
 

https://forums.techguy.org/threads/need-macro-for-a-tracker-report.1031926/
Relevancy 41.71%

I've downloaded and run HijackThis Here is my log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v search-tracker.net virus help! -- Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exeC Program Files Intel Wireless Bin EvtEng exeC WINDOWS Explorer EXEC Program Files Intel Wireless Bin S EvMon exeC Program Files Intel Wireless Bin WLKeeper exeC WINDOWS System wltrysvc exeC WINDOWS System bcmwltry exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC WINDOWS system IFXSPMGT exeC Program Files Java jre bin jqs exeC Program Files McAfee SiteAdvisor Enterprise McSACore exeC Program Files McAfee Common Framework FrameworkService exeC Program Files McAfee VirusScan Enterprise Mcshield exeC Program Files McAfee VirusScan Enterprise VsTskMgr exeC Program Files OpenCASE OpenCASE Media Agent MediaAgent exeC Program Files Broadcom Security Platform Software PSDsrvc EXEC Program Files Intel Wireless Bin RegSrvc exeC WINDOWS system svchost exeC Program Files Viewpoint Common ViewpointService exeC Program Files RegCure RegCure exeC Program Files Intel Wireless bin ZCfgSvc exeC Program Files Intel Wireless Bin ifrmewrk exeC Program Files McAfee VirusScan Enterprise SHSTAT EXEC Program Files Java jre bin jusched exeC Program Files AutorunRemover AutorunRemover search-tracker.net virus -- help! exeC WINDOWS system ctfmon exeC Program Files Intel Wireless Bin Dot XCfg exeC Program Files Mozilla search-tracker.net virus -- help! Firefox firefox exeC WINDOWS system wuauclt exeC Program Files McAfee Common Framework UdaterUI exeC search-tracker.net virus -- help! Program Files McAfee Common Framework McTray exeC Documents and Settings Forrest Lee Harris FORRESTDELL Desktop avira antivir personal en exeC DOCUME FORRES FOR LOCALS Temp RarSFX basic presetup exeC WINDOWS system msiexec exeC DOCUME FORRES FOR LOCALS Temp RarSFX basic setup exeC Program Files Avira AntiVir Desktop avguard exeC Program Files Avira AntiVir Desktop sched exeC Program Files Avira AntiVir Desktop avgnt exeC Program Files Trend Micro HijackThis HijackThiiiiiis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer actsvr comcastonline com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride cdn localO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper ocxO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dllO - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan Enterprise scriptcl dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - HKLM Run IntelZeroConfig quot C Program Files Intel W... Read more

A:search-tracker.net virus -- help!

Hello fharris1984,Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt.Please post the contents of that document.*****************We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make. Open Windows Defender. Click on Tools, General Settings. Scroll down and uncheck Turn on real-time protection (recommended). After you uncheck this, click on the Save button and close Windows Defender.After all of the fixes are complete it is very important that you enable Real-time Protection again.Please download Malwarebytes' Anti-Malware from one of these places:http://download.cnet.com/Malwarebytes-Anti...&tag=buttonhttp://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/mbam/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Full Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

http://www.bleepingcomputer.com/forums/t/236262/search-trackernet-virus-help/
Relevancy 41.71%

What is Tracker.Marinsm.com?  Everytime I search for something everything slows down and I see that in the Address Bar.
 
Malware doesn't get rid of it.
 
Help!

A:http://tracker.marinsm.com?

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

http://www.bleepingcomputer.com/forums/t/589703/httptrackermarinsmcom/
Relevancy 41.71%

good more maybe Solved: and sotfone-tracker day working on a friend s pc that had dealio and other adware slowing it WAY down ran ad-aware and spybot S amp D but pretty sure those didn t catch all the bad stuff I removed dealio via add and remove programs but I can still see it the HJT log and pc is still pretty slow online thanks for any and all help with this issue HJT log is attached Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon Solved: sotfone-tracker and maybe more exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware aawservice exe C Program Files CheckPoint ZAForceField IswSvc exe C WINDOWS system spoolsv exe C Program Files Google Common Google Updater GoogleUpdaterService exe C WINDOWS system lxbmcoms exe C Program Files PC Tools AntiVirus PCTAVSvc exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C Program Files Java Solved: sotfone-tracker and maybe more jre bin jusched exe C Program Files PC Tools AntiVirus PCTAV exe C WINDOWS System svchost exe C Program Files Lexmark Series lxbmmon exe C Program Files Common Files Real Update OB realsched exe C Program Files Zone Labs ZoneAlarm zlclient exe C WINDOWS RTHDCPL EXE C Program Files Windows Live Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C Program Files DNA btdna exe C Program Files Mozilla Firefox firefox exe C Program Files IObit IObit SmartDefrag IObit SmartDefrag exe C WINDOWS system SNDVOL EXE C Program Files XoftSpySE xoftspy exe C Program Files Trend Micro HijackThis HijackThis exe O - BHO HP Print Enhancer - C E- - -BF - C - C Program Files HP Smart Web Printing hpswp printenhancer dll O - BHO HP Print Clips - F -DC - -A C- F D C - C Program Files HP Smart Web Printing hpswp framework dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO no name - A B -A F- -AE - D C BF - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO ForceField Toolbar Registrar - A A C - - D C-BD D- CB EED E - C Program Files CheckPoint ZAForceField TrustChecker Components TrustCheckerIEPlugin dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO OToolbarHelper Class - EAD A - A - - -C E - C Program Files PayPal PayPal Plug-In PayPalHelper dll O - Toolbar ForceField Toolbar - EE AC E -B B - EC - A -BCA A AB - C Program Files CheckPoint ZAForceField TrustChecker Components TrustCheckerIEPlugin dll O - Toolbar PayPal Plug-In - DC F F - FA- f -ACAA- F B - C Program Files PayPal PayPal Plug-In OToolbar dll O - Toolbar no name - E C F -A A- F C- FEC-FD DC A F - no file O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run PCTAVApp quot C Program Files PC Tools AntiVirus PCTAV exe quot MONITORSCAN O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run REGSHAVE C Program Files REGSHAVE REGSHAVE EXE AUTORUN O - HKLM Run lxbmmon exe quot C Program Files Lexmark Series lxbmmon exe quot O - HKLM Run Lexmark Series Fax Server quot C Program Files Lexmark Series fm exe quot s O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run ZoneAlarm Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run RTHDCPL RTHDCPL E... Read more

Relevancy 41.71%

Hey Team I am not to sure if this would be the right place to seek help for my issue neways GUYS i am time Idle tracker having a hard time in my organization there is a new application installed on every employees system which is Idle time tracker known as the quot time tracker quot NOw the concern is that if you do not touch the keyboard or the mouse for min it counters a idle time and then adds up to my break time i do not have admin rights to research on it and also my tried effort went in vain I created autorefresh java html script it did not work it refreshed but did not help in idle time Tried website redirect again disappointment it redirects but again did not help in idle time i would be GLAD can you guys can help me find a solution to over come the idle time OS- winxp sp i have restrictions as i am on domain group policy

A:Idle time tracker

Hi and welcome to TSF

I guess, in this day in age, be thankful you have job. I guess the "boss" expects you work since he/they are paying you.

What you are asking we can't help. You basically asking for a work around a
restriction that has been placed on you PC or a requirment of the employer.

Please take the time to review our rules again, they can be found here in case you missed it:

http://www.techsupportforum.com/rules.php

Closing this post.

BG

http://www.techsupportforum.com/forums/f10/idle-time-tracker-471292.html
Relevancy 41.71%

I went through the instructions (very easy) to UNINSTALL the mousetracker software.  When that process was finished, I was asked to restart the laptop.  I did.  Guess what.  Mousetracker was still there, and I was asked AGAIN to restart the laptop.  Tracker still there.  Looked in Device Manager.  Uninstalled again.  Restarted again.  The O&&(^^T&TGR#@^ mousetracker is still there.  Why doesn't it uninstall??  My last laptop had a toggle switch below the spacebar that actually turned off the tracker.  Maybe I should have gotten that brand again instead of an HP.

http://h30434.www3.hp.com/t5/Notebook-Video-Display-and-Touch/disable-mouse-tracker/td-p/5724993
Relevancy 41.71%

Hello all, new member here.
 
I need to track changes to a particular webpage. Here's the catch: the webpage requires a log-in (i.e. you must log in to ever reach the page). The webpage trackers I've tried (like Versionista) return the same nonsense you'd get from typing in the URL into any unauthorized computer. Is there anyway around this? Perhaps a program that can authenticate me when necessary or some other workaround? Or even a particular tracker that bypasses this problem all together?
 
Thanks!

A:Webpage Tracker Workaround

Anyone? I just need to be alerted when a certain webpage that requires a log-in is updated. I'm sure others have solved this problem.

http://www.bleepingcomputer.com/forums/t/542068/webpage-tracker-workaround/
Relevancy 41.71%

Hey, I'm having the same problem described here http://www.bleepingcomputer.com/forums/t/236262/search-trackernet-virus-help/However, when I try to run antivirus programs, nothing happens. I attempted to use the Malwarebytes program suggested but it won't run. When the installation is finished, it says that the program encountered an error and must close. When I try to run the program, nothing happens.I am running 32-bit vista in case that is pertinent information.

A:Search Tracker Net Virus

Moved from hjt to a more appropriate forum. Tw

http://www.bleepingcomputer.com/forums/t/237136/search-tracker-net-virus/
Relevancy 41.71%

I have this installed as the rewards appear good & have read the privacy agreement so it sounds OK to me. I just realised earlier that I logged into my bank account when I was on it. Should I worry? 

A:Is nuargo web tracker safe

From what I've read it's a safe plugin. The only negative things I could find were that it may slow down your pc's performance, and people are not getting paid like they are supposed to be.

http://www.bleepingcomputer.com/forums/t/497161/is-nuargo-web-tracker-safe/
Relevancy 41.71%

Hello all, new member here.

I need to track changes to a particular webpage. Here's the catch: the webpage requires a log-in (i.e. you must log in to ever reach the page). The webpage trackers I've tried (like Versionista) return the same nonsense you'd get from typing in the URL into any unauthorized computer. Is there anyway around this? Perhaps a program that can authenticate me when necessary or some other workaround? Or even a particular tracker that bypasses this problem all together?

Thanks!

A:Webpage Tracker Workaround

Anyone? I just need to be alerted when a certain webpage that requires a log-in undergoes a change. I'm sure others have encountered and solved this problem.

http://www.techist.com/forums/f50/webpage-tracker-workaround-271906/
Relevancy 41.71%

I am looking foir a free software program that will let me know when someone has opened an e-mail I sent to them.

I was using Mstag but they are moving to a paid product and it is no longer working on my XP/Outlook 2003 software.

I have looked at some but finding anything at this time. With so much freeware out there you would think it would be available. Anyone out there know of something like this.
 

A:Email notifier or tracker

Hi,
Have you looked at SpyPig (free)? Not used it myself.

http://spypig.com/

Recommended here as Best Free Email Tracking:

http://www.techsupportalert.com/content/best-free-online-applications-and-services.htm#Office-Suite

Richard
 

https://forums.techguy.org/threads/email-notifier-or-tracker.925659/
Relevancy 41.71%

Hi everone Since about weeks back I have had some kind of keylogger cookie tracker maybe they re the same thing I dunno on my computer I play world of warcraft and the problems started about weeks ago when I was trying to log on and saw to my surprise that my account had been banned for selling gold for real cash I checked my emails and since I knew I hadn t done anything I replied to blizzard explaining the situation and got everything back help with tracker! Need keylogger/cookie But Yesterday it happened again and I m not sure it s a keylogger since I didn t give my password to anyone and someone had changed my password To do this you have to confirm a link sent to the account owners e-mail mine which means someone knew my password there too I was redirected to a forum thread on the wow-europe com site quot http forums wow-europe com thread html Need help with keylogger/cookie tracker! topicId amp sid quot and followed the instructions I have now done scans with ATF cleaner Ad-aware spybot search amp destroy MBAM norton anti-virus and now HijackThis even though the last one isn t a scan but more like a report Some of the programs found several tracking cookies and removed everything they found I would be really happy if anyone could help me and see if anything s still wrong I m using windows XP if that helps in any way Well anyway here s my HijackThis logfile Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Delade filer Symantec Shared ccSvcHst exe C Program Delade filer Symantec Shared AppCore AppSvc exe C Program Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program acer Acer eConsole MediaServerService exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Symantec LiveUpdate ALUSchedulerSvc exe C Program Bonjour mDNSResponder exe C Program Delade filer Symantec Shared ccSvcHst exe C WINDOWS system nvsvc exe C WINDOWS Explorer EXE C Program Java jre bin jusched exe C Program CyberLink PowerDVD PDVDServ exe C Program NVIDIA Corporation NvMixer NVMixerTray exe C WINDOWS system RUNDLL EXE C Program Acer Acer eConsole MediaSync exe C Program Acer eRecovery Monitor exe C WINDOWS system wuauclt exe C Program D-Link AirPlus XtremeG AirPlusCFG exe C Program Acer Acer eMode Management AspireService exe C Program ANI ANIWZCS Service WZCSLDR exe C WINDOWS AGRSMMSG exe C Program Delade filer Symantec Shared ccApp exe C Program iTunes iTunesHelper exe C Program Windows Live Messenger msnmsgr exe C WINDOWS system ctfmon exe C Program Skype Phone Skype exe C Program Lavasoft Ad-Aware AAWTray exe C Program Skype Plugin Manager skypePM exe C Program iPod bin iPodService exe C Program Mozilla Firefox firefox exe C Program Delade filer Symantec Shared CCPD-LC symlcsvc exe C Program Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http runonce msn com v msgrv R - HKLM Software Microsoft Internet Explorer Main Default Page URL http global acer com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - E A - - D F-BEAE-D A C - C Program Delade filer Symantec Shared coShared Browser NppBho dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Java jre bin ssv dll O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Delade filer Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar ... Read more

https://forums.techguy.org/threads/need-help-with-keylogger-cookie-tracker.880328/
Relevancy 41.71%

I have a customer who wants GPS tracking on an employee's (company owned) laptop.

I told her that I know of theft recovery apps for laptops, but not any real-time GPS trackers
like she is looking for.

Anybody know of anything that would work for her?

Needs to work while laptop is off, moving in vehicle, etc.

.
 

A:Customer wants laptop GPS tracker

Most laptops, unlike phones and tablets, don't have GPS radios in them, so the first thing you would have to do is install one.

Second, she may be violating privacy laws by doing this without the employee's consent. To cover your own ass, I would refuse to even consider helping with something like this without getting sign off from a local legal expert.
 

https://hardforum.com/threads/customer-wants-laptop-gps-tracker.1901154/
Relevancy 41.71%

i was wondering if they made a program that keeps track of how much you download per day/month/week whichever and if so what and where do i get it.
Kyle
 

A:good download tracker

are you looking for the amount in Hours or Bytes? There are quite a few internet counters out there that record the hours, minutes and seconds you have ben online. Google "online timer" and you will find a ton of these

However if you want to find a program to recoard how many bytes your computer receves in a week, I have never heard of one. May I ask why you need to keep track of it and I may be able to suggest differnt ways to go about retreving that kind of information without added programs
 

https://forums.techguy.org/threads/good-download-tracker.166533/
Relevancy 41.71%

Does anyone know of a program that can track where data is going that leaves the modem. The reason that I ask is that my modem is sending and recieving data even when I'm not doing anything and it's only started doing this just yesterday and I'm a bit worried.

Thanks in advance,
Dayne.
 

https://forums.techguy.org/threads/data-tracker-program.36578/
Relevancy 41.71%

What is the best free tracker stopper?

I want to stop such trackers as Google, Meebo, etc

Thanks

http://www.bleepingcomputer.com/forums/t/450098/anti-tracker-software/
Relevancy 41.71%

Connection-specific DNS Suffix . : domain.invalid

Windows IP Configuration

Host Name . . . . . . . . . . . . : home
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.invalid

Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-19-D1-F7-1E-18
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.254.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.254.254
DHCP Server . . . . . . . . . . . : 192.168.254.254
DNS Servers . . . . . . . . . . . : 192.168.254.254
Lease Obtained. . . . . . . . . . : Friday, December 19, 2008 7:58:45 PM

Lease Expires . . . . . . . . . . : Tuesday, January 19, 2038 7:14:07 AM


 

Relevancy 41.71%

Hello -- my brand new XPS with Windows and McAfee is infected with malware The symptom is a browser window will Redirector or with Infected Tracker automatically open randomly Infected with Tracker or Redirector and redirect me to some strange site like quot s histats com quot quot v a com quot quot forex-brokers com quot etc I ve put each in my hosts file to prevent this but I still would like to remove the malware I ve already downloaded or run many antivirus software packages including Kaspersky Eset Ad-Aware Spybot Malwarebytes and some of the custom-written apps from this site Each one either does not detect anything or reports a different name or type of malware virus MBAM calls it quot Trojan Agent quot and quot Malware Trace quot and can t remove it upon numerous reboots Kaspersky calls it quot Trojan Spy HTML Fraud quot Eset calls it quot Variant of Worm Ainslot aa quot and can t remove it Nothing seems to work In each case I can run a bunch of tools and things appear better in Safe Infected with Tracker or Redirector Mode but after restarting into quot regular quot mode I see the random browser window try to open and new scans with MBAM show the malware is back The worst part is my paid installation of McAfee doesn t report a thing During one scan I think Kaspersky found a trojan in my inbox so I deleted my inbox and uninstalled Thunderbird and even that didn t work so here I am Saying you guys are busy is probably the understatement of the year but I am stuck I wanted to fix this on my own and I still have one bullet in the gun where I can wipe the disk and start over but I d rather not as I would need to back up several gigs of personal stuff first then of course put all that stuff back -- and those files may be infected too If you can help me out I would sincerely appreciate it

A:Infected with Tracker or Redirector

I ended up wiping my disk and starting all over.For those interested, I had what I believe to be two infections. One was a Trojan that somehow arrived from an "Amazon 20% off" coupon or offer in my Thunderbird inbox; Kaspersky seemed to get rid of that one.The other one was a spyware tracker that was logging my keystrokes and putting them in various files named "nnn" or "o". It was also attached to an executable named, "svhost.exe" which lived in a few places, at least two were "C:\Users\<user_name>\AppData\Roaming\microft" and "C:\Users\<user_name>\AppData\Roaming\sohft". There was also a process that would run which was linked to this tracker. I don't remember the name exactly but it was something like "nc1rtrc1.exe" with no additional info and a couple of keys that lived in my registry in a folder named "VB and VBA ..." something and a couple of other places.This piece of crap could not be removed by any software tool but was reliably detected by Malwarebytes as "Malware.Trace", but only when MBAM was run from standard mode (Safe Mode did not produce reliable scan results). Eset could also detect it but could not remove it either. This is all for Windows 7 on a PC, too. XP and other systems may be different.I was hoping the team at MBAM would have an update to get rid of it. I'm sure after a short time they will but anyway I chose the extreme option. I did lose some data but that's okay. It was disappointing not to see this elevated to a "current threat" on some of the more popular A/V websites but I suppose since it's not "destructive" per se it won't be given a lot of attention. Also, I uninstalled McAfee because I found it virtually useless, annoying with its reappearing desktop icon and pop-up messages, restricted configuration scanning and updating options and buggy interface when operating in Safe Mode -- and I paid for it. I will be buying MBAM and Avast; hopefully that combo will keep the system protected.Hope this helps anyone needing more info.

http://www.bleepingcomputer.com/forums/t/438540/infected-with-tracker-or-redirector/
Relevancy 41.71%

Good day guys,

I need your help/advice about what the best battery tracker for windows 7. Im using a HP G42-476TX and I used to use HP assistant downloaded from HP. But yesterday, after 2 and a half years, my battery died on me, last I checked the cycle count was about 721/300. So as you can see i've used my laptop quite a lot. So today, I just bought a replacement battery (not original HP) for half the price of the real thing, and for some reason, HP assistant cannot detect the battery, so here I am asking for an alternative software. Hope you guys can help (i know you can ) Thanks in advance!

A:Best battery tracker for Windows 7.

Hiyya synth I think this is free mate BatteryCare

http://www.sevenforums.com/software/296237-best-battery-tracker-windows-7-a.html
Relevancy 41.71%

Hello,
I was wondering if there is any free software out there that I could use to monitor what applications are being used on my Computer. Like if Solitaire was launched, it would log that unlike Windows would. This is W2K box. Any help is greatly appreciated.

Thank You
Scott
 

https://forums.techguy.org/threads/application-launch-tracker.341094/
Relevancy 41.71%

Hi there A Few days ago i contracted the nasty cool web search adware malware program from a pop-up from the imageavenue website I was using Avast virus scanner of which i am no longer using because it seemed to be letting various trojans in so i ran a scan with AVG and it detected it and removed it However i have began having trouble with tracker cookies Whenever i am browsing online my AVG will pop up on resident shield telling me a tracker cookie attempted to run Such as Adrevolver amp Tacoda I ran a scan with Search Cookies Tracker / Web ad-aware and found an infection in my registry which has now been removed and several infections in my cookies I followed the program and removed them I then ran a search with Spybot which came up clean a virus malware check with AVG and ran a scan with McAfee Stinger as instructed on this site and came up clean I restarted my pc thinking everything was now fine However when i started browsing again the Tracker Cookie warnings were once again poping up I ran a scan with ad-aware and the infections which i had removed were now back I cannot seem to get rid of them and have me really worried Everytime i change my security settings to Web Search / Tracker Cookies block all cookies once a tracker cookie warning pops up it re-sets it to accept all cookies and occasionally i am still receiving pops up which leads me to beleive the adware malware may have not been totally removed from my system Can Anyone please please help i am really loosing sleep over this have never had anything like this happen before Thankyou for Web Search / Tracker Cookies reading Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS Explorer EXEC WINDOWS system spoolsv exeC WINDOWS RTHDCPL EXEC WINDOWS system CmUCReye exeC Program Files Medion Info Display MdionLCM exeC WINDOWS mHotkey exeC PROGRA COMMON aol ACS AOLacsd exeC WINDOWS CNYHKey exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC PROGRA AVG AVG avgwdsvc exeC Program Files Common Files AOL ACS AOLDial exeC PROGRA COMMON aol AOLSPY AOLSP Scheduler exeC PROGRA AVG AVG avgfws exeC Program Files Common Files Real Update OB realsched exeC Program Files Bonjour mDNSResponder exeC Program Files Home Cinema PowerCinema Kernel TV CLCapSvc exeC Program Files Home Cinema PowerCinema Kernel CLML NTService CLMLServer exeC Program Files Common Files LightScribe LSSrvc exeC Program Files MySecurityCenter Programs service exeC Program Files Home Cinema PowerDVD PDVDServ exeC WINDOWS system nvsvc exeC Program Files Home Cinema PowerCinema PCMService exeC Program Files CyberLink Shared Files RichVideo exeC WINDOWS system svchost exeC Program Files BroadJump Client Foundation CFD exeC PROGRA ntl BROADB SMARTB MotiveSB exeC Program Files Java jre bin jusched exeC Program Files Sony CONNECTAutoUpdate CONNECTScheduler exeC WINDOWS System spool DRIVERS W X E S I H EXEC Program Files iTunes iTunesHelper exeC Program Files Home Cinema PowerCinema Kernel TV CLSched exeC PROGRA AVG AVG avgtray exeC Program Files Messenger msmsgs exeC WINDOWS system ctfmon exeC PROGRA AVG AVG avgam exeC Program Files Sony CONNECTAutoUpdate CONNECTAUTrayApp exeC PROGRA AVG AVG avgrsx exeC PROGRA AVG AVG avgnsx exeC Program Files Common Files Sony Shared GMR GMRMan exeC Program Files ntl broadband medic bin mpbtn exeC PROGRA AVG AVG avgemc exeC PROGRA COMMON X Common x nets exeC Program Files iPod bin iPodService exeC WINDOWS system wuauclt exeC PROGRA FREEDO fdm exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www ebay co uk R - HKLM Software Microsoft Internet Explorer Main Default Page... Read more

A:Web Search / Tracker Cookies

Update:

The Exact Programs found by my AVG Were

ADWARE: Generic.IIJ
ADWARE: CoolWebSearch

They are both in my virus vault but still having problems

I have also found NvCPL in my Sytem Configuration Utility

http://www.bleepingcomputer.com/forums/t/178061/web-search-tracker-cookies/
Relevancy 41.71%

This forum was extremely helpful to me in Tracker? Think-adz Cookie Z-start, ridding my computer of a nasty virus last year Thanks to that process we have ZoneAlarm installed - but missed an update and apparently that was when something slipped through Over the past couple of months we have been experiencing more pop-up ads though nothing as egregious as the assault a year ago but even more frustrating is the common occurrence of the browser locking up or freezing presumably because it's off searching for some ad URL We also have Ad-Aware and SpyBot installed though thanks to ZoneAlarm we haven't felt the need to use them Cookie Tracker? Z-start, Think-adz as frequently But before running HJT I did run them both plus BitDefender and Stinger per the instructions It may be worth noting that I get a Windows error message when running HJT HJT has generated errors and must be closed that kind of thing Here's the log Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exeC WINNT system winlogon exeC WINNT system services exeC WINNT system lsass exeC WINNT system Ati evxx exeC WINNT system svchost exeC WINNT system spoolsv exeC WINNT system CTsvcCDA EXEC WINNT System svchost exeC Program Files Network Associates Common Framework FrameworkService exeC Program Files Network Associates VirusScan mcshield exeC Program Files Network Associates VirusScan vstskmgr exeC WINNT system regsvc exeC WINNT system mscp exeC WINNT system MSTask exeC WINNT system stisvc exeC WINNT system ZONELABS vsmon exeC WINNT System WBEM WinMgmt exeC WINNT System mspmspsv exeC WINNT system svchost exeC WINNT Explorer EXEC Program Files Java jre bin jusched exeC Program Files iTunes iTunesHelper exeC Program Files QuickTime qttask exeC Program Files Common Files Real Update OB realsched exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC Program Files Zone Labs ZoneAlarm zlclient exeC WINNT system qwinsoeh exeC Program Files AIM aim exeC QUICKENW QAGENT EXEC Program Files Creative MediaSource Detector CTDetect exeC Program Files iPod bin iPodService exeC QUICKENW QWDLLS EXEC Program Files Nikon PictureProject NkbMonitor exeC lotus wordpro ltsstart exeC Palm hotsync exeC Program Files Microsoft Office Office msoffice exeC Program Files Yahoo Yahoo Music Engine ymetray exeC Program Files Internet Explorer IEXPLORE EXEC Documents and Settings administrator Desktop HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - HKLM Run Tweak UI RUNDLL EXE TWEAKUI CPL TweakMeUpO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run Synchronization Manager mobsync exe logonO - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run ymetray quot C Program Files Yahoo Yahoo Music Engine YahooMusicEngine exe quot -preloadO - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osbootO - HKLM Run ViewMgr C Program Files Viewpoint Viewpoint Manager ViewMgr exeO - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run D-D - F-F -ZN C WINNT system dwdsregt exe FI O - HKLM Run ExploreUpdSched C WINNT system qwinsoeh exe FI O - HKLM Run DllRunning rundll exe quot C WINNT system klexhlsc dll quot setvmO - HKCU Run AIM C Program Files AIM aim exe -cnetwait odlO - HKCU Run QAGENT C QUICKENW QAGENT EXEO - HKCU Run Creative Detector C Program Files Creative MediaSource Detector CTDetect exe RO - Startup Lotus QuickStart lnk C lotus wordpro ltsstart exeO - Startup HotSync Manager lnk C Palm hotsync exeO - Startup Z Start lnk C WINNT system dwdsregt exeO - Startup Think-Adz lnk C WINNT system qwinsoeh exeO - Global Startup Microsoft Office Shortcut Bar lnk C Prog... Read more

A:Cookie Tracker? Z-start, Think-adz

Hello,* Go to start > controlpanel > software > Add or Remove Programs and uninstall next if present:Think-Adz Search AssistantEnhanced Ads by Think-AdzBrowserUpdateSchedI see you have Viewpoint installed...Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.ViewpointViewpoint ManagerViewpoint Media PlayerReboot afterwards!After reboot,* Download Brute Force Uninstaller.Unzip it to a folder of it?s own (c:\BFU).Read here how to unzip/extract properly:http://metallica.geekstogo.com/xpcompressedexplanation.htmlStart the Brute Force Uninstaller by doubleclicking BFU.exeNext to the 'scriptfile to execute'-window you'll see a little icon as shown in next picture: When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'In the field, copy and paste next URL:http://metallica.geekstogo.com/alcanshorty.bfuClick Ok. Then click execute in Brute Force Uninstaller.Extra note:If nothing happens after pressing the Execute button, this means that the script didn't download. In that case, download the script ( alcanshorty.bfu ) manually from above url ( rightclick on it and choose 'save as' and save it in your BFU-folder). Then start BFU.exe again and click the browse button next to the 'scriptfile to execute'-windowBrowse to the script you downloaded and Click Ok and Execute in Brute Force Uninstaller.Wait for the complete script execution box to popup and press OK.Press exit to terminate the BFU program.* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:O4 - HKLM\..\Run: [{2D-D1-1F-F0-ZN}] C:\WINNT\system32\dwdsregt.exe FI002O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINNT\system32\qwinsoeh.exe FI002O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINNT\system32\klexhlsc.dll",setvmO4 - Startup: Z_Start.lnk = C:\WINNT\system32\dwdsregt.exeO4 - Startup: Think-Adz.lnk = C:\WINNT\system32\qwinsoeh.exeO4 - Global Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\WINNT\system32\shdocvw.dllO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab* Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Please download, install, and update AVG Anti-SpywareLoad AVG Anti-Spyware and then click the Update tab at the top. Under Manual Update click Start update.After the update finishes (the status bar at the bottom will display "Update successful")
Then click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.AVG Anti-Spyware will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware will display "All actions have been applied" on the right hand side.Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).Cl... Read more

http://www.bleepingcomputer.com/forums/t/76470/cookie-tracker-z-start-think-adz/
Relevancy 41.28%

The company on Tuesday said it has begun installing a Web browser add-on that sends some Morpheus users on an invisible Web detour aimed at capturing data about file swappers' surfing habits. Click to expand...

http://zdnet.com.com/2100-1106-864300.html

Stream Cast claims that it is not gathering personal data.

Fair enough, but I would not want an extra step in my browsing process. This has the potential of causing problems both with IE itself and with the fact that if the redirectors site experiences problems, it could cause page not found errors or slow down your browsing to a site. This in turn could make a person think that something might be wrong with thier computer when it is something from outside.
 

Relevancy 41.28%

I am running Windows XP-Home. All of a sudden when I want to shut down my computer I get a box that comes up and it's for "shutdown event tracker". I never had that before and I would like to just be able to select either shutdown/restart/etc. not having to put in why I am shutting down.

What I read is that this was originally for Windows 2000 but in Windows XP this was shut-off. If that is so - why do I get that pop-up?

In the help area this is what I found:
"On Windows 2000 Server products, you will be prompted to supply information regarding why you are shutting down or restarting the computer. This feature is turned off in Windows XP."

How can I get this turned OFF?
 

A:Shutdown Event Tracker Question

How to enable and disable Shutdown Event Tracker
1.To open Registry Editor, click Start, click Run, type regedit, and then click OK.

2.In Registry Editor, navigate to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Reliability

3.Name:ShutdownReasonUI
Type:REG_DWORD
Value:1=enable;0=disable
 

https://forums.techguy.org/threads/shutdown-event-tracker-question.589566/
Relevancy 41.28%

Hi Its come from some where. (Internet Speed Tracker)
I tried the latest Win10 and it just didnt seem to work.
Reverted back to Win7.
I have looked for it in Tools, Add ons. Its not there.
Looked in Control Panel Program and Features its not there.
Ran Revo uninstaller its not there.
Looked in programs on C drive not there either.
My PC is just not running correctly in fact just as bad as Win 10Upgrade.
Could be coincidence but seem to be after this tool bar appeared.
Stumped?

Relevancy 41.28%

I have been having problems with my laptop for a few days it began with popups about fake virus-scan programmes then wouldn t allow me open any files or tracker cookie ATDMT virus programmes and it can t connect to the server for the internet although the connection is strong It has also reverted back to old-school Windows design with grey toolbars etc Having run scans I found that it is being caused by three atdmt cookie trackers that are detected by AVG The first time they were ATDMT cookie tracker virus moved to the vault and I emtied it but when I ran the scan again they still appeared ad the next time it said that they were moved to the virus vault but they didn t appear in the vault At the moment I am able to run programmes and open files again but they re slow The internet won t ATDMT cookie tracker virus work so I am unable to download any of the programmes to get the log you require Any help or advice would be very much appreciated Thank you

http://www.bleepingcomputer.com/forums/t/320269/atdmt-cookie-tracker-virus/
Relevancy 41.28%

Hello Everyone! I've been having a GREAT deal of trouble removing a virus from my computer. All of my google searches seem to be redirected by something called search-tracker.net
This has been frustrating the hell out of me for weeks now. I found that some other people have been helped here at bleeping computer with the same problem, so I figured I'd register and see if I can't fix this thing cone and for all. I can't install Spybot without getting the blue screen of death, and combofix won't even open the installer. PLEASE HELP! This is really getting old.
-Quinn

A:NASTY Virus. Search-tracker.net help

Hello and welcome.. First I am Moving this to Am I Infected from Vista for scans.Now don't worry about SpyBot and do NOT run ComboFix on your own..Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Exit MBAM when done.Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

http://www.bleepingcomputer.com/forums/t/241222/nasty-virus-search-trackernet-help/
Relevancy 41.28%

Hi,

I'm looking for a simple Windows Vista desktop software that runs in the background that just keeps a log of the time that my laptop is on and running. I just want something to track the number of hours I work each day. I don't need to keep track of the tasks. And I don't want to have to turn on and turn off the program -- I want it to be completely automatic (but not a memory hog).

I've searched download.com. But all the software there seems quite complicated (ie, it requires me to enter in tasks, etc). Perhaps I searched the wrong thing (I searched "desktop time tracker").

Does anyone know of anything like this?

Thanks for the advice.

A:Looking for simple time tracker software

Hi, in XP it used to tell you "system uptime" now it records only "system boot time" still you can easily work out how long you have been on. Go to start accessories and right click on command prompt select "run as administrator" at the prompt type:- systeminfo press enter

http://www.techsupportforum.com/forums/f217/looking-for-simple-time-tracker-software-334151.html
Relevancy 41.28%

I've used Excite.com for years but with in the last few days I have noticed that a feature of theirs Stock Tracked is missing! Anyone happen to know if this is permanent?
 

http://www.techspot.com/community/topics/excite-com-stock-tracker-missing.147085/
Relevancy 41.28%

Hello and thanks to whoever takes this topic I use Firefox and I am running Windows XP with Service Pack My problem is that when Google search-tracker.net Redirect - I click Google Redirect - search-tracker.net on a link on a Google search page Google Redirect - search-tracker.net the link is redirected to various ad sites If I go back to the original Google search page and re-click the same link it will usually go through to the proper site although it sometimes requires a third click before I get to where I want to go When it is redirecting to an advertising site I can - briefly - see the address quot search-tracker net quot displayed at the bottom of the Firefox page in that area where you can see the address of a link if you hover over it with your mouse What I've done so far to try to fix this problem banned cookies from search-tracker net tried to run anti-malware software including Advanced Spywear Remover which removed about instances of malware or spyware but not the one I am trying to fix PCcillian which would not run at all and Malware Bytes again would not run after installation What I've done to prepare for your help Gone through the steps to ensure my XP firewall is engaged it is Run DDS see report below and attached zip file I will be away from my computer from Thursday June to Sunday June Please be assured that if you write during that time I will respond on Monday morning unless I am called to attend a birth which is possible in which case I'll get back to you as soon as I am able Please be aware that a birth can take up to three days Any replies that I receive before Thursday morning I will respond to right away Thanks for your understanding --------------------------------------------------------------------------------------------- DDS Ver - - - NTFSx Run by aim e at on Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Shaw Secure On-access scanning enabled Updated E ED - - B D-AF A- D F F FW Shaw Secure enabled D - - EB- - F BF Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C WINDOWS system spoolsv exe svchost exe C WINDOWS system Ati evxx exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Common Files Creative Labs Shared Service CreativeLicensing exe C WINDOWS system CTsvcCDA exe C Program Files Common Files Authentium AntiVirus dvpapi exe C WINDOWS Explorer EXE C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Shaw Secure Anti-Virus fsgk st exe C Program Files Flip Video FlipShare FlipShareService exe C Program Files Shaw Secure Anti-Virus FSGK EXE C Program Files Shaw Secure Common FSMA EXE C Program Files Shaw Secure Common FSMB EXE C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Dell QuickSet NICCONFIGSVC exe C Program Files Shaw Secure Common FCH EXE svchost exe C Program Files Shaw Secure Common FAMEH EXE C Program Files Shaw Secure Anti-Virus fsqh exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system SearchIndexer exe C WINDOWS ehome ehtray exe C WINDOWS system WLTRAY exe C WINDOWS stsystra exe C Program Files Dell QuickSet quickset exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C WINDOWS eHome ehmsas exe C Program Files Shaw Secure Common FSM EXE C Program Files Common Files Real Update OB realsched exe C Program Files Shaw Secure FSGUI fsguidll exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files Microsoft ActiveSync wcescomm exe C PROGRA MI AA rapimgr exe C WINDOWS system dllhost exe C Program Files Shaw Secure Anti-Virus fssm exe C Program Files Shaw Secure FSA... Read more

A:Google Redirect - search-tracker.net

Hello Doulatron,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

http://www.bleepingcomputer.com/forums/t/236102/google-redirect-search-trackernet/
Relevancy 41.28%

Hi, recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web. I'm not sure whether my computer is affected by it but i would like to know how to remove these so as to make sure that my computer is safe. Thanks.

A:Help in removing mouse and screen tracker sent by others

Hello and welcome to TSF.


Quote:




recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web.




You should not allow anybody to access your computer remotely unless you know and trust the person 100%.

If you suspect that they may have infected your computer , we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f100/help-in-removing-mouse-and-screen-tracker-sent-by-others-510807.html
Relevancy 41.28%

Hey is there a program out there that can track my bandwidth? I sure would love to see how much i download and upload over a period of time. It would be cool if it gave stats and such. anyone know anything like that? Free is good.
 

A:Solved: bandwidth tracker program?

A google turned up this. Is there something here that will be useful to you?
 

https://forums.techguy.org/threads/solved-bandwidth-tracker-program.329016/
Relevancy 41.28%

Need help! I have a advantage database program called Manheim tracker 3.097..been working fine until restart on 1/27. Program wouldn"t start up . A ( COMPANY ADT) file error.What is this?Where did it go? Any one fimiliar with this program.?
 

A:Manheim tracker data problem

Does this link help?
Recovery Toolbox
 

http://www.techspot.com/community/topics/manheim-tracker-data-problem.142147/
Relevancy 41.28%

Mods, guys, think this would be really useful to keep track of Se7en development in both x86 and x64 flavours. What is out there now, whats comming up and changelogs for each version????

A:Se7en version tracker sticky

Pre-Milestone 1 // 41 builds

6.1.5025.winmain.050111-2030
6.1.5041.winmain.050302-2030
6.1.5048.winmain.050401-0536
6.1.5071.winmain.050605-2010
6.1.5086.winmain.050625-1730
6.1.5112.winmain.050720-1600
6.1.5219.winmain.050830-2010
6.1.5729.0.winmain.060914-1613
6.1.6410.0.fbl_refactor_dev(jschwart).070409-1035
6.1.6415.0.debuggers(dbg).070404-1234
6.1.6418.0.debuggers(dbg).070404-1255
6.1.6429.?.fbl_multimedia_media.070514-1730
6.1.6435.1.winmain.070524-1820
6.1.6440.1.debuggers(dbg).070525-1751
6.1.6441.1.winmain.070606-2215
6.1.6442.1.winmain.070608-1835
6.1.6443.1.winmain.070611-1855
6.1.6444.1.winmain.070612-1905
6.1.6445.1.winmain.070709-1410
6.1.6446.1.winmain.070719-0642
6.1.6447.1.winmain.070719-2115
6.1.6448.1.winmain.070723-1704
6.1.6459.1.fbl_shell_dex.070826-1730
6.1.6469.1.fbl_find_dev.
6.1.6475.1.fbl_wlk_dtmse_11000.071008-1226
6.1.6477.1.winmain.071010-1835
6.1.6480.1.fbl_srv_powershell_ctp(srvbld).071017-1751
6.1.6481.1.winmain.071018-1917
6.1.6482.1.winmain.071019-2033
6.1.6483.1.winmain.071022-1900
6.1.6484.1.winmain.071023-1954
6.1.6486.1.winmain.071025-2058
6.1.6487.1.winmain.071026-2206
6.1.6487.1.winmain.071027-1600
6.1.6488.1.winmain.071029-2152
6.1.6490.1.winmain.071031-1918
6.1.6491.1.winmain.071102-2244
6.1.6492.1.winmain.071105-1715
6.1.6493.1.winmain.071106-1743
6.1.6499.1.fbl_security_bugfix(sepbld-s).071120-0135
6.1.6507.1.winmain_longhorn(wmbla).071113-1716

Milestone 1 // 24 builds - 1 leak

6.1.6516.1.fbl_dox_dev_ihvs.080109-1848
6.1.6516.1.fbl_dox_dev_ihvs.080109-1928
6.1.6518.1
6.1.6519.1.winmain.071220-1525 // Leaked June 10, 2008 (x86)
6.1.6521.1.fbl_kernel_platarch.080107-1800
6.1.6522.0.winmain.071223-1309
6.1.6526.1.winmain.080110-1645
6.1.6531.1.winmain.080118-1730
6.1.6534.1.winmain.080128-1953
6.1.6535.1.winmain.080129-1830
6.1.6536.?.fbl_tools_phoenix(corevc).080215-1330-LDDM
6.1.6547.1.winmain.080213-1740
6.1.6550.1.winmain.080218-1737
6.1.6551.1.winmain.080219-1748
6.1.6558.1.winmain.080228-1838
6.1.6566.1.winmain.080310-1902
6.1.6568.1.fbl_wdk_build(dasmit).080318-1440
6.1.6568.1.winmain.080312-1858
6.1.6570.1.winmain.080314-1850
6.1.6574.1.winmain.080???-????
6.1.6577.1.winmain.080326-1841
6.1.6581.1.winmain.080401-1900
6.1.6585.?.winmain.080407-1714
6.1.6585.1.fbl_srv_powershell_ctp.080411-1634

Milestone 2 // 2 builds

6.1.6589.1.winmain_win7m2.080420-1634 // demonstrated on D6
6.1.6608.0.winmain_win7m2.080511-1400

Milestone 3 // 49 builds - 2 leaks

6.1.6720.1.fbl_dox_dev_ihvs.080603-2145
6.1.6720.1.fbl_dox_dev_ihvs.080603-2149
6.1.6721.1.debuggers(dbg).080908-1333
6.1.6723.1.winmain.080603-1835
6.1.6724.1.winmain.080604-1840
6.1.6725.1.winmain.080605-1945
6.1.6726.1.winmain.080606-1843
6.1.6726.1.fbl_dox_dev_ihvs.080609-2026
6.1.6726.1.fbl_dox_dev_ihvs.080609-2033
6.1.6727.1.winmain.080609-1820
6.1.6727.1.fbl_dox_dev_ihvs.080611-0004
6.1.6727.1.fbl_dox_dev_ihvs.080611-0008
6.1.6727.1.fbl_dox_dev_ihvs.080611-0027
6.1.6727.1.fbl_dox_dev_ihvs.080611-0032
6.1.6730.1.winmain.080612-1840
6.1.6730.1.fbl_dox_dev_ihvs.080614-0511
6.1.6730.1.fbl_dox_dev_ihvs.080614-0543
6.1.6731.1.winmain.080613-2011
6.1.6733.1.winmain.080617-1830
6.1.6734.1.winmain.080618-2101
6.1.6735.1.winmain.080619-2114
6.1.6736.1.winmain.080620-2200
6.1.6738.1.winmain.080623-1620
6.1.6738.1.fbl_security_bugfix(marcbar).070702-1455
6.1.6739.1.winmain.080624-1820
6.1.6740.1.winmain.080625-1813
6.1.6746.1.winmain.080707-1854
6.1.6754.0.winmain.080718-1839
6.1.6756.0
6.1.6759.0.FBL_FUN_DIAG_DEV(josesua).080807-0822
6.1.6761.0.fbl_wexpartners_mc(dcohen).080731-1456
6.1.6762.1803.winmain_wtr_act60(jayanr).090323-1915
6.1.6762.0.winmain.080730-1747
6.1.6764.0.winmain.080801-0505
6.1.6764.0.fbl_wexpartners_mc(shyams).080805-1551
6.1.6765.0.winmain.080804-1845
6.1.6768.0.fbl_security_bugfix(nide).080811-1231
6.1.6768.0.FBL_SECURITY_BUGFIX(nide).080811-1458
6.1.6769.0.winmain.080811-1810
6.1.6769.0.fbl_security_bugfix(dlisley).080814-1553
6.1.6769.0.fbl_security_bugfix(dlinsley).080814-1555
6.1.6771.0.winmain.080817... Read more

http://www.sevenforums.com/general-discussion/955-se7en-version-tracker-sticky.html
Relevancy 41.28%

having similar google hijackthis search-tracker.net LOG problems as others i see try to click on links i google only to be redirected here is my log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system svchost exeC PROGRA AVG AVG avgwdsvc exec program files mcafee com agent mcdetect exec PROGRA mcafee com agent mctskshd exeC WINDOWS system HPZipm exeC WINDOWS system sdpasvc exeC WINDOWS system svchost exeC WINDOWS system wdfmgr exeC Program Files Linksys WUSB GSCv WLService exeC Program Files Linksys WUSB GSCv WUSB GSC exeC PROGRA AVG AVG avgemc exeC PROGRA AVG AVG avgrsx exeC Program Files AVG AVG avgcsrvx exeC WINDOWS Explorer EXEC WINDOWS System alg exeC WINDOWS system ICO EXEC Program Files Common Files Real Update OB realsched exeC PROGRA AVG AVG avgtray exeC WINDOWS google search-tracker.net hijackthis LOG system ctfmon exeC Program Files SmartPCTools Registry Repair Wizard google search-tracker.net hijackthis LOG RCHelper exeC WINDOWS system FSRremoS EXEC Program Files Mozilla Firefox firefox exeC PROGRA AVG AVG avgnsx exeC Program Files Spyware Doctor pctsAuxs exeC Program Files Spyware Doctor pctsSvc exeC Program Files Spyware Doctor pctsTray exeC Program Files AVG AVG avgui exeC WINDOWS system wuauclt exeC Program Files Trend Micro HijackThis analyze exeC WINDOWS system wbem wmiprvse exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com mywayR google search-tracker.net hijackthis LOG - HKCU Software Microsoft Internet Explorer Main Search Bar http home peoplepc com searchR - HKCU Software Microsoft Internet Explorer Main Start Page http home peoplepc com websearchR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http home peoplepc com searchR - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - URLSearchHook isoHunt Toolbar - a e a eb-d - e - - fcbafe - C Program Files isoHunt tbisoH dllO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dllO - BHO AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLLO - BHO isoHunt Toolbar - a e a eb-d - e - - fcbafe - C Program Files isoHunt tbisoH dllO - Toolbar isoHunt Toolbar - a e a eb-d - e - - fcbafe - C Program Files isoHunt tbisoH dllO - Toolbar AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLLO - HKLM Run Mouse Suite Daemon ICO EXEO - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osbootO - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exeO - HKLM Run MCUpdateExe c PROGRA mcafee com agent mcupdate exeO - HKLM Run ISTray quot C Program Files Spyware Doctor pctsTray exe quot O - HKCU Run updateMgr quot C Program Files Adobe Acrobat Reader AdobeUpdateManager exe quot AcRdB -reboot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run Registry Repair Wizard Scheduler... Read more

A:google search-tracker.net hijackthis LOG

FW: Kaspersky Anti-Hacker *enabled* {0BB8CA15-F396-46C7-9A59-108D852CFEC0}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\tomP\Application Data\Google\Shell32.dllc:\documents and settings\tomP\Application Data\inst.exec:\documents and settings\tomP\nah_log.datc:\windows\a3kebook.inic:\windows\akebook.inic:\windows\ANS2000.INIc:\windows\bhookpl.dllc:\windows\system32\_000005_.tmp.dllc:\windows\system32\_000006_.tmp.dllc:\windows\system32\_000007_.tmp.dllc:\windows\system32\bszip.dllc:\windows\system32\drivers\MSIVXxlmxowsejdvjmxneoirttakmwkmtqgwq.sysc:\windows\system32\MSIVXcountc:\windows\system32\MSIVXlclkoddocmiyykiigvifclpxladwdamm.dllc:\windows\system32\MSIVXyvhxnuairljmwdbelkpsybsalnlqpvuu.dllc:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job.((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Service_MSIVXserv.sys((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 ))))))))))))))))))))))))))))))).2100-02-08 22:03 . 2001-05-11 17:39 53248 -c--a-w- c:\program files\ACMonitor_X73.exe2009-07-08 15:04 . 2009-06-26 19:07 -------- d--h--w- C:\$AVG8.VAULT$2009-07-08 14:59 . 2009-07-08 14:59 11952 ----a-w- c:\windows\system32\avgrsstx.dll2009-07-08 14:59 . 2009-07-08 14:59 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys2009-07-08 14:59 . 2009-07-08 14:59 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys2009-07-08 14:59 . 2009-07-08 14:59 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys2009-07-08 14:58 . 2009-06-30 15:23 -------- d-----w- c:\windows\system32\drivers\Avg2009-07-08 14:58 . 2009-06-08 17:06 -------- d-----w- c:\documents and settings\tomP\Application Data\AVGTOOLBAR2009-07-08 14:58 . 2009-07-08 14:58 -------- d-----w- c:\program files\AVG2009-07-08 14:58 . 2009-06-08 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\avg82009-07-08 14:39 . 2009-07-08 14:39 422 ----a-w- c:\documents and settings\tomP\Application Data\AdobeUM\socks1.exe2009-07-08 14:39 . 2009-07-08 14:39 16141 ----a-w- c:\documents and settings\tomP\Application Data\CopyToDvd\lego.exe2009-07-08 14:39 . 2009-07-08 14:39 145131 ----a-w- c:\documents and settings\tomP\Application Data\Ahead\nomad.exe2009-07-08 14:39 . 2009-07-08 14:39 13221 ----a-w- c:\documents and settings\tomP\Application Data\Adobe\rengo.dll2009-07-08 14:39 . 2009-07-08 14:39 11410 ----a-w- c:\documents and settings\tomP\Application Data\Corel Photo Album\msgdi.dll2009-07-08 14:39 . 2009-07-08 14:39 11232 ----a-w- c:\documents and settings\tomP\Application Data\1ClickDVDCopy\shalom.exe2009-07-08 14:39 . 2009-07-08 14:39 10121 ----a-w- c:\documents and settings\tomP\Application Data\CyberLink\kern.dll2009-07-08 14:28 . 2009-07-08 14:28 -------- d-----w- c:\program files\Conduit2009-07-08 14:28 . 2009-07-08 14:28 -------- d-----w- c:\documents and settings\tomP\Local Settings\Application Data\Conduit2009-07-08 14:28 . 2009-07-08 14:28 -------- d-----w- c:\documents and settings\tomP\Local Settings\Application Data\isoHunt2009-07-08 14:28 . 2009-07-08 14:28 -------- d-----w- c:\program files\isoHunt2009-07-02 17:38 . 2009-03-06 14:44 283648 ------w- c:\windows\system32\dllcache\pdh.dll2009-07... Read more

http://www.bleepingcomputer.com/forums/t/237829/google-search-trackernet-hijackthis-log/
Relevancy 41.28%

So I had ms Juan on my laptop and i removed it, after 2 hours i realise my pc also has it (windows xp sp2, Advent mahcine) so i get combofix, but it wont run so i restart try it in safe mode etc still nothing, then i realise i cant perform a defrag or system clean up.

So I try to restart my computer, i login and then a horrible lag takes over, sometimes i am left staring at a blank blue desktop with no icons or task bar, sometimes I am left with a task bar and desktop that wont budge.

The first time it occured we had a blue screen of death. (only the once.)

I am really lost as i can no longer even access the system to perform a hijack this scan etc....

Any help is much appreciated!

A:MS Juan with lag

Insert the Windows XP CD into the CD drive, and then restart the computer. Click to select any options that are required to start the computer from the CD drive if you are prompted. When the "Welcome to Setup" screen appears, press R to start the Recovery Console. If you have a dual-boot or multiple-boot computer, select the installation that you must access from the Recovery Console. When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.Type: chkdsk /rIt's important to have a space before the "/".To exit the Recovery Console and restart the computer, type exit at the command prompt, and then press ENTER.

http://www.bleepingcomputer.com/forums/t/183586/ms-juan-with-lag/
Relevancy 41.28%
Q: Ms juan

HEY ALL,

NEW user here..... HAVING MS JUAN IsSUES... i have ran hijackthis and combofix and atached both logs... any help would be appreciated..
ONE question though. if i am doing this off of the network that it will run on normally will these problems come back once connected to the network tht gave the issues in first place?????

thanks

scuba81
 

https://forums.techguy.org/threads/ms-juan.788548/
Relevancy 41.28%

I have Ms Juan on my computer When I run malwarebytes it MS rid of get Cant Juan says it cant delete it without restarting my computer but when I hit ok it doesnt restart my computer and MS Juan remains on the computer Any help in getting rid of MS Juan Cant get rid of MS Juan would be appreciated Thank you Logfile of Trend Micro HijackThis v Scan saved at PM on Cant get rid of MS Juan Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS Cant get rid of MS Juan system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Intel Wireless Bin EvtEng exeC Program Files Intel Wireless Bin S EvMon exeC Program Files Intel Wireless Bin WLKeeper exeC Program Files Alwil Software Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC WINDOWS Explorer EXEC WINDOWS ehome ehtray exeC WINDOWS system igfxsrvc exeC WINDOWS system hkcmd exeC WINDOWS system igfxpers exeC Program Files Synaptics SynTP SynTPEnh exeC Program Files Intel Wireless bin ZCfgSvc exeC Program Files Intel Wireless Bin ifrmewrk exeC WINDOWS stsystra exeC Program Files Dell Media Experience DMXLauncher exeC Program Files Dell QuickSet quickset exeC Program Files Creative Mixer CTSVolFE exeC WINDOWS system spoolsv exeC Program Files Common Files InstallShield UpdateService issch exeC Program Files iTunes iTunesHelper exeC Program Files Microsoft Office Office GrooveMonitor exeC Program Files Internet Explorer iexplore exeC Program Files HP HP Software Update HPWuSchd exeC PROGRA ALWILS Avast ashDisp exeC WINDOWS system ctfmon exeC Program Files Digital Line Detect DLG exeC Program Files HP Digital Imaging bin hpqtra exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Dell QuickSet NICCONFIGSVC exeC WINDOWS System svchost exeC Program Files Intel Wireless Bin RegSrvc exeC WINDOWS system svchost exeC Program Files Alwil Software Avast ashMaiSv exeC Program Files Alwil Software Avast ashWebSv exeC Program Files iPod bin iPodService exeC WINDOWS system dllhost exeC PROGRA Intel Wireless Bin Dot XCfg exeC Program Files HP Digital Imaging bin hpqSTE exeC Program Files HP Digital Imaging bin hpqbam exeC Program Files HP Digital Imaging bin hpqgpc exeC WINDOWS eHome ehmsas exeC WINDOWS system msiexec exeC Program Files Antispyware Antispyware exeC WINDOWS system rundll exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk amp channel usR - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk amp channel usR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dllO - HKLM Run ehTray C WINDOWS ehome ehtray exeO - HKLM Run igfxtray C WINDOWS system igfxtray exeO - HKLM Run igfxhkcmd C WINDOWS system hkcmd exeO - HKLM Run igfxpers C WINDOWS system igfxpers exeO - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exeO - HKLM Run IntelZeroConfig quot C Program Files Intel Wireless bin ZCfgSvc exe quot O -... Read more

A:Cant get rid of MS Juan

Hi,Welcome to BleepingComputer HijackThis Logs and Malware Removal,suly14. My name is sundavis, I will be helping you to deal with your Malware problems today.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times. and we are trying our best to keep up.In the meantime, please refrain from making any changes to your computer, and please do in the following:Step1Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)In your next reply, please post back:1.RSIT log.txt and info.txt. Thanks

http://www.bleepingcomputer.com/forums/t/201549/cant-get-rid-of-ms-juan/
Relevancy 41.28%

Hi I think I ve been infected with MS Juan I can t remove it with my antivirus AVG or Anti-Spyware Malwarebytes Ad-Aware Spybot Super Anti-Spyware When I go online MS Juan, Pop-Ups a ton of pop-ups show up Please help THanks MS Juan, Pop-Ups a bunch Logfile of Trend Micro HijackThis v Scan saved MS Juan, Pop-Ups at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running MS Juan, Pop-Ups processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS ehome ehtray exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS eHome ehmsas exe C Acer Empowering Technology ePower ePower DMC exe C WINDOWS system spoolsv exe C WINDOWS RTHDCPL EXE C Program Files Synaptics SynTP SynTPEnh exe C PROGRA LAUNCH LManager exe C PROGRA AVG AVG avgtray exe C Acer Empowering Technology ePerformance MemCheck exe C WINDOWS System spool DRIVERS W X EKIJ MUI exe C Program Files Winamp winampa exe C Program Files Messenger msmsgs exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Acer Empowering Technology Acer Empowering Framework Launcher exe C PROGRA AVG AVG avgwdsvc exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Kodak printer center KodakSvc exe C Program Files Common Files LightScribe LSSrvc exe C PROGRA AVG AVG avgrsx exe C WINDOWS system svchost exe C PROGRA AVG AVG avgemc exe C WINDOWS system wbem wmiapsrv exe C WINDOWS system dllhost exe C WINDOWS system wbem unsecapp exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS system wuauclt exe C WINDOWS system rundll exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http global acer com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http global acer com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http global acer com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - c Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO e -b - b- c -be bf - f-b eb- c -b - b e - C WINDOWS system puehdw dll O - BHO AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL O - Toolbar AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL O - HKLM Run ehTray C WINDOWS ehome ehtray exe O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE cli exe quot runtime -Delay O - HKLM Run AzMixerSel C Program Files Realtek InstallShield AzMixerSel exe O - HKLM Run ntiMUI C Program Files NewTech Infosystems NTI CD amp DVD-Maker ntiMUI exe O - HKLM Run Acer ePresentation HPD C Acer Empowering Technology ePresentation ePresentation exe O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run MSPY C WINDOWS system IME PINTLGNT ImScInst exe SYNC O - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNC O - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMEName O - HKLM Run ePower DMC C Acer Empowering Technology ePower ePower DMC exe O - HKLM Run Boot C Acer Empowering Technology ePower Boot exe O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run LManager C PROGRA LAUNCH LManager exe O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exe O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM ... Read more

A:MS Juan, Pop-Ups

Also, I use firefox as my default browser.
 

https://forums.techguy.org/threads/ms-juan-pop-ups.787977/
Relevancy 41.28%
Q: MS Juan

Norton did not detect anything but I kept getting random popups on Firefox Downloaded Malwarebytes- Anti-malware and Spybot S amp D and while both keep finding MS Juan in the registry and delete it keeps coming back I have made sure that Spybot's TeaTimer is not undoing the deletion and I don't know what to try next Right now I still get popups I am getting errors saying that my subscription to Norton is done still has ish days left and I usually have a process going named explorer exe running even Juan MS though I do not have Internet Explorer enabled on my computer DDS Version - NTFSx Run by Christopher Kallas at on Tue BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV Norton AntiVirus On-access scanning enabled MS Juan Updated FW Norton AntiVirus enabled Running MS Juan Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C MS Juan Program Files Symantec LiveUpdate AluSchedulerSvc exe C Program Files Java jre bin jqs exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PifSvc exe C Program Files Norton AntiVirus Norton AntiVirus Engine ccSvcHst exe C WINDOWS System nvsvc exe C Program Files Sunbelt Software CounterSpy SBAMSvc exe C WINDOWS system wscntfy exe C Program Files Norton AntiVirus Norton AntiVirus Engine ccSvcHst exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C Program Files iTunes iTunesHelper exe C WINDOWS Samsung PanelMgr ssmmgr exe C WINDOWS system RUNDLL EXE C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PifSvc exe C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C Program Files Sunbelt Software CounterSpy SBAMTray exe C WINDOWS System svchost exe -k HTTPFilter C Program Files iPod bin iPodService exe C WINDOWS system taskmgr exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Program Files Malwarebytes' Anti-Malware mbam exe C Documents and Settings Christopher Kallas My Documents Downloads dds scr Pseudo HJT Report BHO Spybot-S amp D IE Protection - F - D - - D F - c progra spybot SDHelper dll mRun nwiz nwiz exe install mRun RTHDCPL RTHDCPL EXE mRun SkyTel SkyTel EXE mRun QuickTime Task quot c program files quicktime QTTask exe quot -atboottime mRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun Samsung PanelMgr c windows samsung panelmgr ssmmgr exe autorun mRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInit mRun Symantec PIF AlertEng quot c program files common files symantec shared pif b e dd - - c -b f- f fca a pifsvc exe quot a m quot c program files common files symantec shared pif b e dd - - c -b f- f fca a AlertEng dll quot mRun SunJavaUpdateSched quot c program files java jre bin jusched exe quot mRun SBAMTray c program files sunbelt software counterspy SBAMTray exe IE DFB A - F - C -A - CAB FD A - - F - D - - D F - c progra spybot SDHelper dll AppInit DLLs jrzimm dll FIREFOX FF - ProfilePath - c docume christ applic mozilla firefox profiles wxnszah default FF - prefs js browser startup homepage - hxxp google com FF - component c documents and settings all users application data norton c c - f d- f -aaa - ef e norton ipsffplgn components IPSFFPl dll FF - plugin c program files mozilla firefox plugins npitunes dll SERVICES DRIVERS R SymEFA Symantec Extended File Attributes SystemRoot SystemRoot System Drivers NAV SYMEFA SYS R BHDrvx Symantec Heuristics Driver c windows system drivers nav BHDrvx sys - - R ccHP Symantec Hash Provider c windows system drivers nav ccHPx sys - - R IDSxpx IDSxpx c documents and settings all users application data norton c c - f d- f -aaa - ef e norton definitions ipsdefs IDSxpx sys - - R sbaphd sbaphd c windows system drivers sbaphd sys - - R Norton AntiVirus Norton AntiVirus quot c program files norton antivirus norton antiviru... Read more

A:MS Juan

Hello borke, to BleepingComputer, My Nick is Net_Surfer, and I will be assisting you with your malware issues.Whatever repairs we make, are for fixing "your computer problems only" and by no means should be used on another computer.Please continue to respond to this thread until I give you the All Clean!. If you have any question or you're stuck in there please reply it to me. I will try my best to help you.!Please take note of the following:You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown Here. 1. Please do not make any system changes yet. as any changes you make may well alter your log. 2. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean. 3. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes. 4. Most Important - Only do what I ask you to do. 5. Please reply to this thread. Do not start a new topic.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Please complete the steps below, I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.you should NOT make further changes to your computer] (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member or myself, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause some confusion and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the HJT Team should be the only members that you take advice from and myself, until we have verified your log as clean.Step #1). Please Close/disable your anti virus and anti malware programs including TeaTimer. so they do not interfere with the fixing tools we are about to run. Instructions for doing so are located Click HEREHow to disable SPYBOT TEATIMER Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
On the left hand side, click on Tools, then click on the Resident Icon in the list.
Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
Click on the "System Startup" icon in the List
Uncheck the "TeaTimer" box and click "OK" any prompts.
If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
Exit Spybot S&D when done.(When we are done, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.)Important! Reboot to make these changes take effect. Step #2).Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<Read more

http://www.bleepingcomputer.com/forums/t/188878/ms-juan/