version 3.2
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
"IE"="6.0000"
The current date is: Mon 12/04/2006
The current time is: 19:17:04.85
Running from
C:\Malware Stuff\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Appinitdll check ........ Thank you Grinler!
dumphive.exe (C)2000-2004 Markus Stephany
REGEDIT4
[Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XP Firewall allowed access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\WinMX\\WinMX.exe"="C:\\Program Files\\WinMX\\WinMX.exe:*:Enabled:WinMX Application"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Nortel Networks\\Extranet.exe"="C:\\Program Files\\Nortel Networks\\Extranet.exe:*:Enabled:Contivity VPN Client"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\vypiqvsr.exe"="C:\\WINDOWS\\system32\\vypiqvsr.exe:*:Disabled:vypiqvsr"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
checking for drsmartload2 key
drsmartload2 key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present
AntiVermins uninstaller NOT present
VirusBursters uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
Download Free Spyware Remover.url
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 764 'explorer.exe'
Starting registry repairs
Registry repairs complete
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SharedTask Export after registry fix
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Deleting files
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN!
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:20:14 PM 12/6/2006
+ Scan result:
G:\System Volume Information\_restore{2773F7A5-A97D-4117-9649-F0BEC6AFD717}\RP194\A0035474.exe -> Adware.Gator : No action taken.
I:\System Volume Information\_restore{2773F7A5-A97D-4117-9649-F0BEC6AFD717}\RP194\A0035475.exe -> Adware.Gator : No action taken.
C:\System Volume Information\_restore{2773F7A5-A97D-4117-9649-F0BEC6AFD717}\RP194\A0035473.exe -> Adware.Rebates : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
:mozilla.128:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.129:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.130:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.133:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.134:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.135:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.136:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.137:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.138:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.139:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.140:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.141:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.154:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.313:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.103:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.104:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.105:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.33:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.34:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.35:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.36:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.51:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.52:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.53:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.99:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.372:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bfast : No action taken.
:mozilla.178:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.249:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.250:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.251:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.252:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.202:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Burstbeacon : No action taken.
:mozilla.203:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.204:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.205:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.73:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.75:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.76:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.77:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.78:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.79:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.80:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.25:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.82:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.83:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.86:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.91:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.92:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.160:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.167:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.253:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.322:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.342:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.377:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.404:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.215:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.216:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.217:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.262:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.263:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.368:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.188:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.189:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.190:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.191:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.165:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.166:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.186:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.187:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.192:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.373:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.374:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.417:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.418:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.145:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.146:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.285:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.123:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.124:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.125:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.126:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.127:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.278:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.279:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.280:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.281:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.282:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.283:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.222:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.223:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.224:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.225:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.108:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.109:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.110:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.111:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.354:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.119:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.120:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.121:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.158:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.159:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.411:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.412:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.413:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.157:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.81:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.84:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.85:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.87:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.88:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.89:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.90:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.194:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.197:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.198:C:\Program Files\support.com\backup\co\cookies.txt\50957_599b56090_/cookies.txt -> TrackingCookie.Zedo : No action taken.
::Report end
Logfile of HijackThis v1.99.1
Scan saved at 8:40:03 PM, on 12/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Upromise_Remind_U\UpromiseRemindU.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Malware Stuff\Hijack this\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bellsouth.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UpromiseRemindU] "C:\Program Files\Upromise_Remind_U\UpromiseRemindU.exe"
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: RemindU. - file://C:\Program Files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: RemindU - {B48798CE-A2E0-4918-BC00-0F72FBA708E2} - file://C:\Program Files\Upromise_Remind_U\UpromisesRemindU\UpromisetRemindU\uproC0.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.bellsouth.net
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail ... nPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7895776056
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} (Rite Aid One Hour Photo Online Control) - https://photos.riteaid.com/control/Rite ... Online.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe