Hi everyone who can help me : I've unsuccesfully tried many tools to delete Look2me that Ad-Aware reports everytime I'm scanning my pc : FxSpL2Me from Symantec, Look2Me-destroyer, Kill2me, Removel2me, L2mfix, Flook2me from F-secure.....NO WAY!
This is my Ad-Aware log
Ad-Aware SE Build 1.06r1
Logfile Created on:lunedì 5 giugno 2006 17.29.11
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R110 31.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Look2Me(TAC index:7):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R110 31.05.2006
Internal build : 131
File location : C:\Programmi\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 673936 Bytes
Total size : 2205484 Bytes
Signature data size : 2157938 Bytes
Reference data size : 47034 Bytes
Signatures total : 60724
CSI Fingerprints total : 2904
CSI data size : 100630 Bytes
Target categories : 15
Target families : 906
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:42 %
Total physical memory:523760 kb
Available physical memory:216868 kb
Total page file size:751068 kb
Available on page file:464928 kb
Total virtual memory:2097024 kb
Available virtual memory:2039696 kb
OS:Microsoft Windows 2000 Professional Service Pack 4 (Build 2195)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
05-06-2006 17.29.11 - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 176
ThreadCreationTime : 05-06-2006 14.55.28
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 200
ThreadCreationTime : 05-06-2006 14.55.32
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 196
ThreadCreationTime : 05-06-2006 14.55.33
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 248
ThreadCreationTime : 05-06-2006 14.55.34
BasePriority : Normal
FileVersion : 5.00.2195.7035
ProductVersion : 5.00.2195.7035
ProductName : Sistema operativo Microsoft® Windows ® 2000
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 260
ThreadCreationTime : 05-06-2006 14.55.34
BasePriority : Normal
FileVersion : 5.00.2195.7011
ProductVersion : 5.00.2195.7011
ProductName : Sistema operativo Microsoft® Windows ® 2000
CompanyName : Microsoft Corporation
FileDescription : DLL eseguibile e server LSA
InternalName : lsasrv.dll e lsass.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll e lsass.exe
#:6 [smc.exe]
FilePath : C:\Programmi\Sygate\SPF\
ProcessID : 400
ThreadCreationTime : 05-06-2006 14.55.36
BasePriority : Normal
FileVersion : 5.6.00.2808
ProductVersion : 5.6.00.2808
ProductName : Sygate® Security Agent and Personal Firewall
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
LegalCopyright : Copyright © 1999 - 2004 Sygate Technologies, Inc. All rights reserved.
OriginalFilename : Smc.EXE
#:7 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 456
ThreadCreationTime : 05-06-2006 14.55.38
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:8 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 496
ThreadCreationTime : 05-06-2006 14.55.39
BasePriority : Normal
FileVersion : 5.00.2195.7059
ProductVersion : 5.00.2195.7059
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : spoolss.exe
#:9 [aswupdsv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 648
ThreadCreationTime : 05-06-2006 14.55.42
BasePriority : Normal
#:10 [ashserv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 668
ThreadCreationTime : 05-06-2006 14.55.43
BasePriority : High
FileVersion : 4, 7, 824, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswServ.exe
#:11 [btwdins.exe]
FilePath : C:\Programmi\WIDCOMM\Software Bluetooth\bin\
ProcessID : 700
ThreadCreationTime : 05-06-2006 14.55.44
BasePriority : Normal
FileVersion : 1.4.2 Build 10
ProductVersion : 1.4.2 Build 10
ProductName : Bluetooth Software 1.4.2 Build 10
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Support Server
InternalName : BTWDIns
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.
OriginalFilename : BTWDIns.EXE
#:12 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 716
ThreadCreationTime : 05-06-2006 14.55.44
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:13 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 764
ThreadCreationTime : 05-06-2006 14.55.45
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : REGSVC.EXE
#:14 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 05-06-2006 14.55.46
BasePriority : Normal
FileVersion : 4.71.2195.6972
ProductVersion : 4.71.2195.6972
ProductName : Utilità di pianificazione per Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Modulo di gestione dell'Utilità di pianificazione
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:15 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ProcessID : 848
ThreadCreationTime : 05-06-2006 14.55.47
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Strumentazione gestione Windows
CompanyName : Microsoft Corporation
FileDescription : Strumentazione gestione Windows
InternalName : WINMGMT
LegalCopyright : Copyright © Microsoft Corp. 1995-1999
#:16 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 884
ThreadCreationTime : 05-06-2006 14.55.48
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE
#:17 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 908
ThreadCreationTime : 05-06-2006 14.55.48
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:18 [ashwebsv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 1208
ThreadCreationTime : 05-06-2006 14.55.59
BasePriority : Normal
#:19 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1220
ThreadCreationTime : 05-06-2006 14.56.00
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:20 [ashmaisv.exe]
FilePath : C:\Programmi\Alwil Software\Avast4\
ProcessID : 1252
ThreadCreationTime : 05-06-2006 14.56.01
BasePriority : Normal
#:21 [soundman.exe]
FilePath : C:\WINNT\
ProcessID : 548
ThreadCreationTime : 05-06-2006 14.56.14
BasePriority : Normal
FileVersion : 5.0.16
ProductVersion : 5.0.16
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager
#:22 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 1444
ThreadCreationTime : 05-06-2006 14.56.14
BasePriority : Normal
FileVersion : 4, 7, 817, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswDisp.exe
#:23 [bttray.exe]
FilePath : C:\Programmi\WIDCOMM\Software Bluetooth\
ProcessID : 1416
ThreadCreationTime : 05-06-2006 14.56.16
BasePriority : Normal
FileVersion : 1.4.2 Build 10
ProductVersion : 1.4.2 Build 10
ProductName : Bluetooth Software 1.4.2 Build 10
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Tray Application
InternalName : BTTray
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.
OriginalFilename : BTTray.exe
#:24 [faxmonitor.exe]
FilePath : C:\Programmi\Fastweb\PrintAndFax\
ProcessID : 1588
ThreadCreationTime : 05-06-2006 14.56.18
BasePriority : Normal
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
ProductName : Print And Fax
CompanyName : Icona SpA
FileDescription : FaxMonitor
InternalName : FaxMonitor
LegalCopyright : Copyright © 2003, 2005
OriginalFilename : FaxMonitor.EXE
#:25 [scaner32.exe]
FilePath : C:\WINNT\twain_32\AVISION\AV260C\
ProcessID : 1600
ThreadCreationTime : 05-06-2006 14.56.18
BasePriority : Normal
#:26 [taldde32.exe]
FilePath : C:\TAL\
ProcessID : 1608
ThreadCreationTime : 05-06-2006 14.56.19
BasePriority : Normal
FileVersion : 1.1.9.0
ProductVersion : 1,0,0,0
ProductName : TAL Trading Tools
CompanyName : Townsend Analytics Ltd.
FileDescription : Townsend Analytics Network DDE
InternalName : TALDDE.EXE
LegalCopyright : Copyright 1986-2004 Townsend Analytics, Ltd.
#:27 [ypermcache.exe]
FilePath : C:\TAL\
ProcessID : 588
ThreadCreationTime : 05-06-2006 14.56.25
BasePriority : Normal
FileVersion : 7. 4. 9. 0
ProductVersion : 7. 0. 0. 0
ProductName : YPermCache
CompanyName : Townsend Analytics, Ltd.
FileDescription : YPermCache - Permission Caching Tool
InternalName : ypermcache.exe
LegalCopyright : Copyright © 2002 - 2004 Townsend Analytics, Ltd.. All rights reserved.
OriginalFilename : YPermCache.exe
#:28 [excel.exe]
FilePath : C:\Programmi\Microsoft Office\Office\
ProcessID : 1728
ThreadCreationTime : 05-06-2006 14.56.38
BasePriority : Normal
#:29 [msgapp32.exe]
FilePath : C:\TAL\
ProcessID : 1736
ThreadCreationTime : 05-06-2006 14.56.49
BasePriority : Normal
FileVersion : 2.0.1.0
ProductVersion : 1,0,0,0
ProductName : TAL Trading Tools
CompanyName : Townsend Analytics Ltd.
FileDescription : TAL Message App
InternalName : MSGAPP.EXE
LegalCopyright : Copyright 1986-2005 Townsend Analytics, Ltd.
#:30 [eqdatsrv.exe]
FilePath : C:\Programmi\Equis\MetaStock\Servers\
ProcessID : 800
ThreadCreationTime : 05-06-2006 14.56.57
BasePriority : High
FileVersion : 9.0
ProductVersion : 9.0
ProductName : Equis Data Server
CompanyName : Equis International
FileDescription : EQDATSRV MFC Application
InternalName : EQDATSRV
LegalCopyright : Copyright © 1998-2004 Equis International
LegalTrademarks : Equis ® is a registered trademark of EQUIS International
OriginalFilename : EQDATSRV.EXE
#:31 [msrt.exe]
FilePath : C:\Programmi\MetaServer RT 2.0 Pro (Dde version)\
ProcessID : 1868
ThreadCreationTime : 05-06-2006 14.57.01
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : MetaServer RT (Dde version)
FileDescription : MetaServer RT
InternalName : MetaServer RT
LegalCopyright : Copyright © Andrew Nazarov.1999
OriginalFilename : msrt.exe
Comments : Build 1.0.0.1
#:32 [eqfilsrv.exe]
FilePath : C:\Programmi\Equis\MetaStock\Servers\
ProcessID : 1904
ThreadCreationTime : 05-06-2006 14.57.12
BasePriority : High
FileVersion : 9.0
ProductVersion : 9.0
ProductName : MetaStock File Server
CompanyName : Equis International
FileDescription : EQFILSRV MFC Application
InternalName : EQFILSRV
LegalCopyright : Copyright © 1998-2004 Equis International
LegalTrademarks : Equis ® is a registered trademark of Equis International
OriginalFilename : EQFILSRV.EXE
#:33 [rt332.exe]
FilePath : C:\TAL\
ProcessID : 1388
ThreadCreationTime : 05-06-2006 15.23.32
BasePriority : Normal
FileVersion : 8.3.22.1
ProductVersion : RealTick 8.3 SP1
ProductName : TAL Trading Tools
CompanyName : Townsend Analytics Ltd.
FileDescription : RealTick 8.3
InternalName : RT3.EXE
LegalCopyright : Copyright 1986-2006 Townsend Analytics, Ltd.
#:34 [ad-aware.exe]
FilePath : C:\Programmi\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1196
ThreadCreationTime : 05-06-2006 15.28.54
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Look2Me Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ddffa75a-e81d-4454-89fc-b9fd0631e726}
Adware.Look2Me Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{ddffa75a-e81d-4454-89fc-b9fd0631e726}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>
17.30.03 Scan stopped by user
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00.00.51.835
Objects scanned:44980
Objects identified:2
Objects ignored:0
New critical objects:2
This is Hijackthis log (no adware reported !!)
Logfile of HijackThis v1.99.1
Scan saved at 16.58.47, on 05/06/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Programmi\Sygate\SPF\smc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
C:\Programmi\Fastweb\PrintAndFax\FaxMonitor.exe
C:\WINNT\twain_32\AVISION\AV260C\SCANER32.EXE
C:\TAL\taldde32.exe
C:\TAL\ypermcache.exe
C:\Programmi\Microsoft Office\Office\excel.exe
C:\TAL\msgapp32.exe
C:\Programmi\Equis\MetaStock\Servers\EQDATSRV.EXE
C:\Programmi\MetaServer RT 2.0 Pro (Dde version)\msrt.exe
C:\Programmi\Equis\MetaStock\Servers\EQFILSRV.EXE
C:\Programmi\Antivirus Removal tool\Hijack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v4.windowsupdate.microsoft.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.it
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Antivirus Removal tool\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - Startup: Avision Scanner Utility.lnk = C:\WINNT\twain_32\AVISION\AV260C\SCANER32.EXE
O4 - Startup: Collegamento a taldde32.lnk = C:\TAL\taldde32.exe
O4 - Startup: Mswin.lnk = C:\Programmi\Equis\MetaStock\Mswin.exe
O4 - Startup: quote97.lnk = C:\TAL\quote97.xls
O4 - Global Startup: BTTray.lnk = C:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O4 - Global Startup: PrintAndFax.lnk = C:\Programmi\Fastweb\PrintAndFax\FaxMonitor.exe
O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\programmi\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA2E688C-0737-446C-ACFC-099B181654D9}: NameServer = 212.216.112.112
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmi\Sygate\SPF\smc.exe
Who can help me ?
Thank you
Full Version: Hijackthis log for Look2me
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive HijackThis Logs
Hi Toni,
Welcome to the forum
Your log says the scan was stopped? Was Adaware not able to remove them?
Please download the Vx2 cleaner plugin for Adaware here:
http://www.lavasoft.de/software/addons/vx2cleaner.shtml
Follow the directions on that page. You may have to run it more than once.
If still no joy, please try rebooting into SAFE MODE. Scan with Adaware and see if it can then remove those entries.
How to Reboot into Safe Mode
You can usually do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.
How to start the computer in Safe mode
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
Welcome to the forum
Your log says the scan was stopped? Was Adaware not able to remove them?
Please download the Vx2 cleaner plugin for Adaware here:
http://www.lavasoft.de/software/addons/vx2cleaner.shtml
Follow the directions on that page. You may have to run it more than once.
If still no joy, please try rebooting into SAFE MODE. Scan with Adaware and see if it can then remove those entries.
How to Reboot into Safe Mode
You can usually do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.
How to start the computer in Safe mode
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.