Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I'm back again

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Navigator » July 23rd, 2007, 5:15 pm

TWYLYGHT wrote:LOL Between your vacation and my job we are having a hard time connecting here.
I'm printing out your last instructions now and following through with them.

I'll post up what I'm supposed to and post it when the job is done.............fingers crossed I don't get called into work durning this process! :shock:


LOL...I'll be around.... 8)
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri
Advertisement
Register to Remove

Unread postby TWYLYGHT » July 24th, 2007, 5:19 am

Ok, AVG installed.
Ran HJT and it showed no files infected and didn't generat a list.
When I ran the Panda scan Avast caught a virus on it so that wasn't completed.

Never got to the work called for in the safe mods as I'm confused on that one. Do I do all you instructed in the safe mod??

Just a note here. Spyware Terminator is doing such a top job that I'm not getting infected with all the crud any more.

And, about a firewall. I don't have one currently installed but, do have one of downloaded ready to install. Waiting to install it after we are done with the repair work here.

Awaiting your instruction. :)
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby Navigator » July 24th, 2007, 2:39 pm

TWYLYGHT wrote:Ok, AVG installed.
Ran HJT and it showed no files infected and didn't generat a list.
When I ran the Panda scan Avast caught a virus on it so that wasn't completed.

Never got to the work called for in the safe mods as I'm confused on that one. Do I do all you instructed in the safe mod??

Just a note here. Spyware Terminator is doing such a top job that I'm not getting infected with all the crud any more.

And, about a firewall. I don't have one currently installed but, do have one of downloaded ready to install. Waiting to install it after we are done with the repair work here.

Awaiting your instruction. :)


I take it that you mean you ran AVG (vice HJT) and it found no infected files?

The Avast AV believed the Panda Online Scan to be a virus..that is not uncommon, but if the AVG scan was 'clean' and you are not having any problems with your computer, that's OK.

Since you didn't get into safe mode, I'm supposing that you did not delete the C:\WINDOWS\xhelper.dll file? You can try to do that (delete the file) in normal mode and also use add/remove programs to remove Viewpoint Media Player.

Are you having any particular problems with your system now? You can go ahead and install hte firewall if your system is behaving OK at this point, we were just 'finishing' up anyway.

Let me know if you are having any problems and if you are able to delete/remove what I mentioned above...and give me one more HJT log to review...
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri

Unread postby TWYLYGHT » July 24th, 2007, 4:10 pm

Nope, didn't make it to the safe mod but, will.
My system appears to be running great at the moment.

Yes, I ran HJT and it showed no files of any kind infected. There was no log file to save and post to you. Is that a good thing?

I'll do the safe mode task tomorrow after work. I've actually been promised a few days off. :roll:

Will post up a HJT file after the safe mods task.

Thanks for all your help and sorry it took me so long to get things done.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby Navigator » July 24th, 2007, 10:00 pm

No problem...!
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri

Unread postby TWYLYGHT » July 25th, 2007, 11:05 am

Just home for lunch. Haven't done the safe mode thing as I don't have the time to put to it right now.
Will do so tomorrow and post up the results for you. :)
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby TWYLYGHT » July 25th, 2007, 3:02 pm

I am such a dummy. When I said HJT had no log file it was because I was running VundoFix instead.
Sorry, work is really stressing me out.
At any rate I've set here and read your instruction better and have followed through up to the point of the safe mode. I can't seem to make the computer go there.
Can I delete Viewpoint Media Player and the C:\windows\xhelper.dll in the normal mode as well as running ATF-Cleaner and AVG anti spyware?

Plus, as you know I can't run the Panda Active scan because Avast detected a virus???

Plus, how soon can I install the firewall?

A side not, I ran Avast and it found about 13 trojan on my computer! They have been taken care of. :shock: :shock:

Awaiting your instructions.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby Navigator » July 25th, 2007, 9:38 pm

TWYLYGHT wrote:I am such a dummy. When I said HJT had no log file it was because I was running VundoFix instead.
Sorry, work is really stressing me out.
At any rate I've set here and read your instruction better and have followed through up to the point of the safe mode. I can't seem to make the computer go there.
Can I delete Viewpoint Media Player and the C:\windows\xhelper.dll in the normal mode as well as running ATF-Cleaner and AVG anti spyware?

Plus, as you know I can't run the Panda Active scan because Avast detected a virus???

Plus, how soon can I install the firewall?

A side not, I ran Avast and it found about 13 trojan on my computer! They have been taken care of. :shock: :shock:

Awaiting your instructions.


Yes, you can try to see if deleting/removing in normal mode works. You can also run ATF and AVG in normal mode (though they might work more efficiently in safe mode).

A few posts ago I told you that it was OK to install and activate your firewall....

Do you have a report of the trojans found with Avast?
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri

Unread postby TWYLYGHT » July 26th, 2007, 8:21 am

Image

Couldn't figure out how to capture the scan file so did a screenshot. I hope you can see it.

I'm not giving up on doing the safe mode instructions. I'm thinking the problem is this fancy keyboard. Need to do the function key thing I think to make it act right??

Normally I'm not such a dumb arse about these things. :lol: Now that I have some time off work the brain should regroup from the work over load.

Will install that firewall today. Although I know Zone Alarm conflicts with my Avast. So, I'll be using one of the others suggested by this site.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby TWYLYGHT » July 26th, 2007, 9:14 am

Ok, Viewpoint Media Player, deleted. xhelper.dll deleted.


Logs:

AVG Anti-Spyware - Scan Report\par
---------------------------------------------------------\par
\par
+ Created at:\tab 9:06:30 AM 7/26/2007\par
\par
+ Scan result:\tab\par
\par
\par
\par
C:\\System Volume Information\\_restore\{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF\}\\RP11\\A0000891.dll -> Adware.Agent : Cleaned.\par
C:\\System Volume Information\\_restore\{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF\}\\RP20\\A0002842.dll -> Adware.Virtumonde : Cleaned.\par
C:\\VundoFix Backups\\cbxyvwu.dll.bad -> Adware.Virtumonde : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\opriewpowerxzcas[1].htm -> Downloader.Agent.gx : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\powiwezxxzcklaswqe[1].htm -> Downloader.Agent.gx : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\2QEL5PWI\\weopiewrxczxlk[2].htm -> Downloader.Agent.gx : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\4PUNCXU3\\opizxcxzvzxxas[1].htm -> Downloader.Agent.gx : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\8DARODYN\\ewoprewiopipoxzcs[1].htm -> Downloader.Agent.gx : Cleaned.\par
C:\\System Volume Information\\_restore\{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF\}\\RP28\\A0004182.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\akxrhkip.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\bwwdkqft.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\hfedfmrw.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\iqcupydm.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\nfagikjk.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\nupvfsgy.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\vrnbukxy.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\vumwhskg.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\xkjtudne.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\WINDOWS\\system32\\xveknfcc.exe -> Downloader.Tiny.id : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\oiewupqoidasqw[1].htm -> Dropper.Small.j : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\opiczzxlklasdkdcv[1].htm -> Dropper.Small.j : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\opxzcvxzsadwqew[1].htm -> Dropper.Small.j : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\14LLRD1R\\poiwzxwiekldfwew[1].htm -> Dropper.Small.j : Cleaned.\par
C:\\Documents and Settings\\TWYLYGHT\\Local Settings\\Temporary Internet Files\\Content.IE5\\4PUNCXU3\\poixcvddrtrfg[1].htm -> Dropper.Small.j : Cleaned.\par
:mozilla.201:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.202:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.204:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.302:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.303:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.304:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.2o7 : Cleaned.\par
:mozilla.44:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.45:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.46:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.47:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.51:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.72:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.73:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.74:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adbrite : Cleaned.\par
:mozilla.236:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Addynamix : Cleaned.\par
:mozilla.111:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.112:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.113:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.114:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.115:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.116:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.117:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.124:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.125:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.126:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.127:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.128:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.129:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.130:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.\par
:mozilla.110:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.118:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.119:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.120:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.121:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.70:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.71:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.72:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.73:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.74:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Advertising : Cleaned.\par
:mozilla.44:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Atdmt : Cleaned.\par
:mozilla.89:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Atdmt : Cleaned.\par
:mozilla.122:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.\par
:mozilla.161:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.\par
:mozilla.160:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.\par
:mozilla.262:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.\par
:mozilla.257:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.259:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.260:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.261:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.57:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.59:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Burstnet : Cleaned.\par
:mozilla.204:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.205:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.206:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.207:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.208:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.210:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.211:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.212:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.\par
:mozilla.113:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Clickbank : Cleaned.\par
:mozilla.209:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Com : Cleaned.\par
:mozilla.38:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Com : Cleaned.\par
:mozilla.39:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Com : Cleaned.\par
:mozilla.200:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.\par
:mozilla.237:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.\par
:mozilla.54:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.\par
:mozilla.58:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.\par
:mozilla.129:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.130:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.131:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.132:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.133:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.134:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.278:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Euroclick : Cleaned.\par
:mozilla.100:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.101:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.102:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.103:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.105:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.107:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.109:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.94:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.95:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Fastclick : Cleaned.\par
:mozilla.293:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.\par
:mozilla.294:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.\par
:mozilla.320:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.\par
:mozilla.63:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.\par
:mozilla.243:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.244:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.245:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.246:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.247:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.326:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.327:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.328:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.329:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.65:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.66:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.67:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Hitbox : Cleaned.\par
:mozilla.376:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.\par
:mozilla.377:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.\par
:mozilla.111:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Liveperson : Cleaned.\par
:mozilla.112:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Liveperson : Cleaned.\par
:mozilla.116:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.\par
:mozilla.117:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.\par
:mozilla.30:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.\par
:mozilla.31:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.\par
:mozilla.300:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Netflame : Cleaned.\par
:mozilla.317:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Overture : Cleaned.\par
:mozilla.77:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Overture : Cleaned.\par
:mozilla.83:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Paypal : Cleaned.\par
:mozilla.80:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.81:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.84:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.85:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.86:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.87:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.88:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.89:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.90:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.91:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Pointroll : Cleaned.\par
:mozilla.138:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.\par
:mozilla.139:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.\par
:mozilla.140:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.\par
:mozilla.168:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.\par
:mozilla.169:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.\par
:mozilla.123:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.124:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.125:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.126:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.127:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.131:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.132:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.133:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Realmedia : Cleaned.\par
:mozilla.344:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Realtracker : Cleaned.\par
:mozilla.195:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.196:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.197:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.198:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.199:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.301:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.42:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.45:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.46:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.47:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.53:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Revsci : Cleaned.\par
:mozilla.120:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Ru4 : Cleaned.\par
:mozilla.121:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Ru4 : Cleaned.\par
:mozilla.122:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Ru4 : Cleaned.\par
:mozilla.123:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Ru4 : Cleaned.\par
:mozilla.264:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.265:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.266:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.269:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.270:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.272:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.273:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.274:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.277:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.278:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.386:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.387:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.388:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.389:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.390:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.396:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Specificclick : Cleaned.\par
:mozilla.343:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Spinbox : Cleaned.\par
:mozilla.104:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.105:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.106:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.107:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.108:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.68:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.69:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.70:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Statcounter : Cleaned.\par
:mozilla.163:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.164:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.165:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.166:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.167:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.279:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.60:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.61:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.62:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Tacoda : Cleaned.\par
:mozilla.147:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.148:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.149:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.150:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.151:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.152:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.153:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.154:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.155:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.274:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.275:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.\par
:mozilla.128:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.\par
:mozilla.159:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.\par
:mozilla.222:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.\par
:mozilla.321:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yadro : Cleaned.\par
:mozilla.322:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yadro : Cleaned.\par
:mozilla.63:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.64:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.65:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.78:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.83:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.84:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.85:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.86:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.94:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.95:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.\par
:mozilla.141:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.142:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.143:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.144:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.145:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.146:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\4xfrej1x\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.217:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.218:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.219:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
:mozilla.220:C:\\Documents and Settings\\TWYLYGHT\\Application Data\\Netscape\\NSB\\Profiles\\hzuy05b5.default\\cookies.txt -> TrackingCookie.Zedo : Cleaned.\par
C:\\WINDOWS\\system32\\wnscpicom.exe -> Trojan.Small : Cleaned.\par
\par
\par
::Report end\par
\par
}






Logfile of HijackThis v1.99.1
Scan saved at 9:08:26 AM, on 7/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\htpatch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\sistray.exe
D:\Stardock\ObjectDock\ObjectDock.exe
d:\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60308
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60308
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60308
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60308
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "d:\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "D:\PrintScreen\PrintScreen.exe" /nosplash
O4 - Startup: Stardock ObjectDock.lnk
O4 - Global Startup: E-Color.lnk
O4 - Global Startup: Utility Tray.lnk
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: WBSrv - D:\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - d:\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe



The only other problem I am or was having (didn't check before doing this post) are some temp Internet files I can't delete. Will check on those once I'm done here.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby TWYLYGHT » July 26th, 2007, 9:23 am

Image


Again another Screenshot because I wasn't allowed to copy.

These are the temp Internet files I'm not being allowed to delete.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby Navigator » July 26th, 2007, 10:21 pm

TWYLYGHT wrote:Image


Again another Screenshot because I wasn't allowed to copy.

These are the temp Internet files I'm not being allowed to delete.


Well I cannot tell much about those particular temp files from the screenshot...but it is not unusual for all temp files not to be deleted. For example, any temp file 'in use' will not be deleted.

AVG found some things, and it cleaned what it found...but I'd still like to get an online virus scan to do some more checking. I'm not seeing anything in particular in the HJT log.

You have an Active-X control for Kaspersky installed, so let's do a Kaspersky scan:

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases

  • Click OK
  • Now under select a target to scan:
      Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri

Unread postby TWYLYGHT » July 27th, 2007, 8:41 am

I'll do the scan later today as I'm off to take care of some business this morning.

I want to say thanks again for all your help.

The computer is working as it should now and I'm very happy with the Comodo Firewall. Much better than Zone Alarm and more user friendly.
Needless to say I feel more secure on the Internet now.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby TWYLYGHT » July 27th, 2007, 11:46 am

E-Mail scan was clean.

The following scann shocked me as I just ran Avast yesterday!! :shock:

KASPERSKY ONLINE SCANNER REPORT
Friday, July 27, 2007 11:40:34 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 27/07/2007
Kaspersky Anti-Virus database records: 368569
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 115347
Number of viruses found: 7
Number of infected objects: 24 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:57:19

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\History\History.IE5\MSHist012007072720070728\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Temp\~DF1D34.tmp Object is locked skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Temporary Internet Files\Content.IE5\2QEL5PWI\ewoiueoieuqwwq[1].htm Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Temporary Internet Files\Content.IE5\2QEL5PWI\weopiewrxczxlk[1].htm Infected: Trojan-Downloader.JS.Agent.kd skipped
C:\Documents and Settings\TWYLYGHT\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\ntuser.dat Object is locked skipped
C:\Documents and Settings\TWYLYGHT\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP11\A0000830.exe Infected: Virus.Win32.Agent.ab skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP20\A0002840.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP20\A0002841.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP20\A0002851.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kp skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP20\A0002852.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004342.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004343.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004344.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004345.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004346.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004347.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004348.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004349.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004350.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP28\A0004351.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP30\change.log Object is locked skipped
C:\VundoFix Backups\catskuse.dll.bad Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\htpatch.exe Infected: Virus.Win32.Agent.ab skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\evryjrih.dll Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\hampcjdy.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\WINDOWS\system32\ibxypxai.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\WINDOWS\system32\jsuyklbg.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\WINDOWS\system32\keyhook.exe Infected: Virus.Win32.Agent.ab skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_4b4.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\_restore{53DFA49A-2DA9-43F0-AECD-A96FE435AAFF}\RP30\change.log Object is locked skipped

Scan process completed.
TWYLYGHT
Regular Member
 
Posts: 35
Joined: June 22nd, 2007, 9:17 am

Unread postby Navigator » July 27th, 2007, 8:41 pm

OK...good job. And, you're welcome.....! Different scanners find different things; it's why doing a few can often be beneficial..

Let's clean out the temporary internet files and delete the other stuff that Kaspersky found. The infected files Kaspersky found in system restore will be cleaned out later (when we are done) after we reset system restore. I'm going to have you set your computer to reveal hidden files prior to attempting to delete some files using HJT:

1 Clean out the Temporary Internet files folder
    - Quit Internet Explorer and quit any instances of Windows Explorer.
    - Click Start button, click Control Panel, and then double-click Internet Options.
    - On the General tab, click Delete Files under Temporary Internet Files.
    - In the Delete Files dialog box, click to select the Delete all offline content check box , and then click OK.
    - On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.

2. Reveal Hidden Files

  • Click Start.
  • Open My Computer.
  • SelectTools menu
  • Click Folder Options.
  • Select the View Tab.
  • Check Show hidden files and foldersin the Hidden files and folders section.
  • Uncheck Hide protected operating system files (recommended) option.
  • Uncheck the Hide file extensions for known file types option.
  • Click Yes.
  • Click OK.

3. Please delete these folders using Windows Explorer(if present):
  • Click Start>>All Programs>>Accessories>>Windows Explorer
  • Navigate to the listed folders, then right-click to select them and click delete


C:\VundoFix Backups


4. Delete Files on Reboot using HJT:

  • Open HiJackThis
  • Click on the "Config..." button on the bottom right
  • Click on the tab "Misc Tools"
  • Click on "Delete File on Reboot"
  • Navigate to this file - C:\WINDOWS\system32\hampcjdy.exe
  • Double click on that file.
  • HJT asks you if you want to reboot, now. Click "no".
  • Do the above for the following files also. After the last one, click "yes" when HJT asks you to reboot.

C:\WINDOWS\system32\ibxypxai.exe
C:\WINDOWS\system32\jsuyklbg.exe


5. After the reboot, post back with another HJT log for me to review and let me know if your computer is still without problems...
User avatar
Navigator
MRU Honors Grad Emeritus
 
Posts: 1237
Joined: December 21st, 2005, 8:35 pm
Location: Missouri
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware