Thanks Susan528, here is what you asked for...
Spysweeper
********
2:01 PM: | Start of Session, Sunday, November 20, 2005 |
2:01 PM: Spy Sweeper started
2:01 PM: Sweep initiated using definitions version 574
2:01 PM: Starting Memory Sweep
2:06 PM: Memory Sweep Complete, Elapsed Time: 00:05:09
2:06 PM: Starting Registry Sweep
2:06 PM: Found Adware: popuper
2:06 PM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objecta\ (4 subtraces) (ID = 735573)
2:06 PM: Found Adware: security2k hijacker
2:06 PM: HKLM\software\microsoft\windows\currentversion\policies\explorer\run\ || kernel32.dll (ID = 796421)
2:06 PM: Found Trojan Horse: trojan-downloader-zlob
2:06 PM: HKLM\software\microsoft\windows\currentversion\policies\explorer\run\ || wininet.dll (ID = 797370)
2:06 PM: HKLM\software\microsoft\windows\currentversion\policies\explorer\run\ || wininet.dll (ID = 797671)
2:06 PM: HKCR\nvideocodek.chl\ (2 subtraces) (ID = 820294)
2:06 PM: HKLM\software\classes\nvideocodek.chl\ (2 subtraces) (ID = 820324)
2:06 PM: Registry Sweep Complete, Elapsed Time:00:00:27
2:06 PM: Starting Cookie Sweep
2:06 PM: Found Spy Cookie: coremetrics cookie
2:06 PM:
emma@data.coremetrics[1].txt (ID = 2472)
2:07 PM: Found Spy Cookie: 2o7.net cookie
2:07 PM: ashley@2o7[2].txt (ID = 1957)
2:07 PM: Found Spy Cookie: 64.62.232 cookie
2:07 PM: ashley@64.62.232[1].txt (ID = 1987)
2:07 PM: ashley@64.62.232[2].txt (ID = 1987)
2:07 PM: ashley@64.62.232[3].txt (ID = 1987)
2:07 PM: ashley@64.62.232[5].txt (ID = 1987)
2:07 PM: ashley@64.62.232[6].txt (ID = 1987)
2:07 PM: Found Spy Cookie: 888 cookie
2:07 PM: ashley@888[2].txt (ID = 2019)
2:07 PM: Found Spy Cookie: shop@home cookie
2:07 PM:
ashley@a.shopathomeselect[1].txt (ID = 3368)
2:07 PM: Found Spy Cookie: websponsors cookie
2:07 PM:
ashley@a.websponsors[2].txt (ID = 3665)
2:07 PM: Found Spy Cookie: about cookie
2:07 PM: ashley@about[2].txt (ID = 2037)
2:07 PM: Found Spy Cookie: ad-logics cookie
2:07 PM: ashley@ad-logics[1].txt (ID = 2049)
2:07 PM: Found Spy Cookie: yieldmanager cookie
2:07 PM:
ashley@ad.yieldmanager[2].txt (ID = 3751)
2:07 PM: Found Spy Cookie: adecn cookie
2:07 PM: ashley@adecn[1].txt (ID = 2063)
2:07 PM: Found Spy Cookie: adknowledge cookie
2:07 PM: ashley@adknowledge[2].txt (ID = 2072)
2:07 PM: Found Spy Cookie: hbmediapro cookie
2:07 PM:
ashley@adopt.hbmediapro[2].txt (ID = 2768)
2:07 PM: Found Spy Cookie: hotbar cookie
2:07 PM:
ashley@adopt.hotbar[2].txt (ID = 4207)
2:07 PM: Found Spy Cookie: specificclick.com cookie
2:07 PM:
ashley@adopt.specificclick[2].txt (ID = 3400)
2:07 PM: Found Spy Cookie: adorigin cookie
2:07 PM: ashley@adorigin[2].txt (ID = 2082)
2:07 PM: Found Spy Cookie: adrevolver cookie
2:07 PM: ashley@adrevolver[2].txt (ID = 2088)
2:07 PM: ashley@adrevolver[3].txt (ID = 2088)
2:07 PM: Found Spy Cookie: addynamix cookie
2:07 PM:
ashley@ads.addynamix[2].txt (ID = 2062)
2:07 PM: Found Spy Cookie: ads.adsag cookie
2:07 PM:
ashley@ads.adsag[1].txt (ID = 2108)
2:07 PM: Found Spy Cookie: cc214142 cookie
2:07 PM:
ashley@ads.cc214142[1].txt (ID = 2367)
2:07 PM: Found Spy Cookie: pointroll cookie
2:07 PM:
ashley@ads.pointroll[2].txt (ID = 3148)
2:07 PM: Found Spy Cookie: adserver cookie
2:07 PM: ashley@adserver[2].txt (ID = 2141)
2:07 PM: Found Spy Cookie: advertising cookie
2:07 PM: ashley@advertising[1].txt (ID = 2175)
2:07 PM: Found Spy Cookie: apmebf cookie
2:07 PM: ashley@apmebf[1].txt (ID = 2229)
2:07 PM: Found Spy Cookie: falkag cookie
2:07 PM:
ashley@as-eu.falkag[1].txt (ID = 2650)
2:07 PM:
ashley@as-us.falkag[1].txt (ID = 2650)
2:07 PM: Found Spy Cookie: ask cookie
2:07 PM: ashley@ask[1].txt (ID = 2245)
2:07 PM: Found Spy Cookie: atlas dmt cookie
2:07 PM: ashley@atdmt[2].txt (ID = 2253)
2:07 PM: Found Spy Cookie: belnk cookie
2:07 PM:
ashley@ath.belnk[1].txt (ID = 2293)
2:07 PM: Found Spy Cookie: atwola cookie
2:07 PM: ashley@atwola[2].txt (ID = 2255)
2:07 PM: Found Spy Cookie: banner cookie
2:07 PM: ashley@banner[2].txt (ID = 2276)
2:07 PM: ashley@belnk[2].txt (ID = 2292)
2:07 PM: Found Spy Cookie: bluestreak cookie
2:07 PM: ashley@bluestreak[2].txt (ID = 2314)
2:07 PM: Found Spy Cookie: bravenet cookie
2:07 PM: ashley@bravenet[1].txt (ID = 2322)
2:07 PM: Found Spy Cookie: bs.serving-sys cookie
2:07 PM:
ashley@bs.serving-sys[1].txt (ID = 2330)
2:07 PM: Found Spy Cookie: burstnet cookie
2:07 PM: ashley@burstnet[1].txt (ID = 2336)
2:07 PM: Found Spy Cookie: casalemedia cookie
2:07 PM: ashley@casalemedia[2].txt (ID = 2354)
2:07 PM: Found Spy Cookie: centrport net cookie
2:07 PM: ashley@centrport[1].txt (ID = 2374)
2:07 PM: Found Spy Cookie: clickagents cookie
2:07 PM: ashley@clickagents[1].txt (ID = 2394)
2:07 PM: Found Spy Cookie: clickbank cookie
2:07 PM: ashley@clickbank[1].txt (ID = 2398)
2:07 PM: Found Spy Cookie: commission junction cookie
2:07 PM: ashley@commission-junction[2].txt (ID = 2455)
2:07 PM: ashley@coxhsi.112.2o7[2].txt (ID = 1958)
2:07 PM: Found Spy Cookie: clickzs cookie
2:07 PM:
ashley@cz8.clickzs[2].txt (ID = 2413)
2:07 PM:
ashley@data.coremetrics[1].txt (ID = 2472)
2:07 PM: Found Spy Cookie: did-it cookie
2:07 PM: ashley@did-it[1].txt (ID = 2523)
2:07 PM:
ashley@dist.belnk[2].txt (ID = 2293)
2:07 PM: Found Spy Cookie: ru4 cookie
2:07 PM:
ashley@edge.ru4[2].txt (ID = 3269)
2:07 PM: Found Spy Cookie: empnads cookie
2:07 PM: ashley@empnads[2].txt (ID = 5012)
2:07 PM: Found Spy Cookie: experclick cookie
2:07 PM: ashley@experclick[2].txt (ID = 2639)
2:07 PM:
ashley@familycrafts.about[2].txt (ID = 2038)
2:07 PM: Found Spy Cookie: fastclick cookie
2:07 PM: ashley@fastclick[2].txt (ID = 2651)
2:07 PM: Found Spy Cookie: findwhat cookie
2:07 PM: ashley@findwhat[1].txt (ID = 2674)
2:07 PM: ashley@gateway.122.2o7[1].txt (ID = 1958)
2:07 PM:
ashley@geography.about[1].txt (ID = 2038)
2:07 PM: Found Spy Cookie: clickandtrack cookie
2:07 PM:
ashley@hits.clickandtrack[2].txt (ID = 2397)
2:07 PM: Found Spy Cookie: hypertracker.com cookie
2:07 PM: ashley@hypertracker[2].txt (ID = 2817)
2:07 PM: Found Spy Cookie: screensavers.com cookie
2:07 PM:
ashley@i.screensavers[2].txt (ID = 3298)
2:07 PM: Found Spy Cookie: ic-live cookie
2:07 PM: ashley@ic-live[1].txt (ID = 2821)
2:07 PM: Found Spy Cookie: maxserving cookie
2:07 PM: ashley@maxserving[1].txt (ID = 2966)
2:07 PM: ashley@msnportal.112.2o7[1].txt (ID = 1958)
2:07 PM: Found Spy Cookie: nextag cookie
2:07 PM: ashley@nextag[2].txt (ID = 5014)
2:07 PM: Found Spy Cookie: offeroptimizer cookie
2:07 PM: ashley@offeroptimizer[2].txt (ID = 3087)
2:07 PM: Found Spy Cookie: one-time-offer cookie
2:07 PM: ashley@one-time-offer[1].txt (ID = 3095)
2:07 PM: Found Spy Cookie: overture cookie
2:07 PM: ashley@overture[1].txt (ID = 3105)
2:07 PM: Found Spy Cookie: paypopup cookie
2:07 PM: ashley@paypopup[1].txt (ID = 3119)
2:07 PM:
ashley@perf.overture[1].txt (ID = 3106)
2:07 PM: Found Spy Cookie: pro-market cookie
2:07 PM: ashley@pro-market[2].txt (ID = 3197)
2:07 PM: Found Spy Cookie: qksrv cookie
2:07 PM: ashley@qksrv[2].txt (ID = 3213)
2:07 PM: Found Spy Cookie: questionmarket cookie
2:07 PM: ashley@questionmarket[1].txt (ID = 3217)
2:07 PM: Found Spy Cookie: realmedia cookie
2:07 PM: ashley@realmedia[2].txt (ID = 3235)
2:07 PM: Found Spy Cookie: reunion cookie
2:07 PM: ashley@reunion[2].txt (ID = 3255)
2:07 PM: Found Spy Cookie: revenue.net cookie
2:07 PM: ashley@revenue[2].txt (ID = 3257)
2:07 PM: Found Spy Cookie: rn11 cookie
2:07 PM: ashley@rn11[2].txt (ID = 3261)
2:07 PM: Found Spy Cookie: adjuggler cookie
2:07 PM:
ashley@rotator.adjuggler[2].txt (ID = 2071)
2:07 PM: ashley@screensavers[1].txt (ID = 3297)
2:07 PM: Found Spy Cookie: server.iad.liveperson cookie
2:07 PM:
ashley@server.iad.liveperson[2].txt (ID = 3341)
2:07 PM: Found Spy Cookie: serving-sys cookie
2:07 PM: ashley@serving-sys[2].txt (ID = 3343)
2:07 PM: ashley@shopathomeselect[1].txt (ID = 3367)
2:07 PM: Found Spy Cookie: spylog cookie
2:07 PM: ashley@spylog[1].txt (ID = 3415)
2:07 PM: Found Spy Cookie: onestat.com cookie
2:07 PM:
ashley@stat.onestat[2].txt (ID = 3098)
2:07 PM: Found Spy Cookie: statcounter cookie
2:07 PM: ashley@statcounter[2].txt (ID = 3447)
2:07 PM: Found Spy Cookie: webtrendslive cookie
2:07 PM:
ashley@statse.webtrendslive[1].txt (ID = 3667)
2:07 PM: Found Spy Cookie: targetnet cookie
2:07 PM: ashley@targetnet[1].txt (ID = 3489)
2:07 PM: Found Spy Cookie: tickle cookie
2:07 PM: ashley@tickle[2].txt (ID = 3529)
2:07 PM: Found Spy Cookie: tradedoubler cookie
2:07 PM: ashley@tradedoubler[1].txt (ID = 3575)
2:07 PM: Found Spy Cookie: trafficmp cookie
2:07 PM: ashley@trafficmp[1].txt (ID = 3581)
2:07 PM: Found Spy Cookie: tribalfusion cookie
2:07 PM: ashley@tribalfusion[2].txt (ID = 3589)
2:07 PM: Found Spy Cookie: tripod cookie
2:07 PM: ashley@tripod[1].txt (ID = 3591)
2:07 PM:
ashley@vip.clickzs[2].txt (ID = 2413)
2:07 PM: Found Spy Cookie: burstbeacon cookie
2:07 PM:
ashley@www.burstbeacon[1].txt (ID = 2335)
2:07 PM:
ashley@www.screensavers[2].txt (ID = 3298)
2:07 PM:
ashley@www.shopathomeselect[2].txt (ID = 3368)
2:07 PM: Found Spy Cookie: stlyrics cookie
2:07 PM:
ashley@www.stlyrics[2].txt (ID = 3462)
2:07 PM: Found Spy Cookie: xiti cookie
2:07 PM: ashley@xiti[2].txt (ID = 3717)
2:07 PM: Found Spy Cookie: yadro cookie
2:07 PM: ashley@yadro[1].txt (ID = 3743)
2:07 PM: ashley@yieldmanager[1].txt (ID = 3749)
2:07 PM:
ashley@z1.adserver[1].txt (ID = 2142)
2:07 PM: Found Spy Cookie: zedo cookie
2:07 PM: ashley@zedo[2].txt (ID = 3762)
2:07 PM: amy@2o7[1].txt (ID = 1957)
2:07 PM: amy@about[1].txt (ID = 2037)
2:07 PM:
amy@adopt.specificclick[2].txt (ID = 3400)
2:07 PM:
amy@ads.pointroll[2].txt (ID = 3148)
2:07 PM: amy@advertising[2].txt (ID = 2175)
2:07 PM:
amy@as-us.falkag[1].txt (ID = 2650)
2:07 PM: amy@atdmt[2].txt (ID = 2253)
2:07 PM: amy@atwola[1].txt (ID = 2255)
2:07 PM: Found Spy Cookie: a cookie
2:07 PM: amy@a[1].txt (ID = 2027)
2:07 PM: amy@belnk[1].txt (ID = 2292)
2:07 PM: amy@bluestreak[1].txt (ID = 2314)
2:07 PM:
amy@bs.serving-sys[1].txt (ID = 2330)
2:07 PM: Found Spy Cookie: goclick cookie
2:07 PM:
amy@c.goclick[2].txt (ID = 2733)
2:07 PM: amy@centrport[2].txt (ID = 2374)
2:07 PM: Found Spy Cookie: hitslink cookie
2:07 PM:
amy@counter.hitslink[2].txt (ID = 2790)
2:07 PM: amy@coxhsi.112.2o7[1].txt (ID = 1958)
2:07 PM: Found Spy Cookie: 360i cookie
2:07 PM: amy@ct.360i[1].txt (ID = 1962)
2:07 PM:
amy@data.coremetrics[1].txt (ID = 2472)
2:07 PM:
amy@dist.belnk[2].txt (ID = 2293)
2:07 PM:
amy@edge.ru4[1].txt (ID = 3269)
2:07 PM:
amy@entertaining.about[2].txt (ID = 2038)
2:07 PM: amy@fastclick[1].txt (ID = 2651)
2:07 PM: amy@gateway.122.2o7[1].txt (ID = 1958)
2:07 PM: Found Spy Cookie: humanclick cookie
2:07 PM:
amy@hc2.humanclick[1].txt (ID = 2810)
2:07 PM: amy@nextag[1].txt (ID = 5014)
2:07 PM:
amy@perf.overture[1].txt (ID = 3106)
2:07 PM: amy@questionmarket[1].txt (ID = 3217)
2:07 PM: amy@realmedia[1].txt (ID = 3235)
2:07 PM: amy@revenue[1].txt (ID = 3257)
2:07 PM:
amy@sel.as-us.falkag[2].txt (ID = 2650)
2:07 PM: Found Spy Cookie: servedby advertising cookie
2:07 PM:
amy@servedby.advertising[1].txt (ID = 3335)
2:07 PM: amy@serving-sys[2].txt (ID = 3343)
2:07 PM: amy@tripod[1].txt (ID = 3591)
2:07 PM:
amy@z1.adserver[1].txt (ID = 2142)
2:07 PM: amy@zedo[1].txt (ID = 3762)
2:07 PM: me@ask[1].txt (ID = 2245)
2:07 PM: me@belnk[1].txt (ID = 2292)
2:07 PM:
me@dist.belnk[2].txt (ID = 2293)
2:07 PM: me@spylog[1].txt (ID = 3415)
2:07 PM: me@statcounter[2].txt (ID = 3447)
2:07 PM: me@tribalfusion[2].txt (ID = 3589)
2:07 PM: Cookie Sweep Complete, Elapsed Time: 00:00:10
2:07 PM: Starting File Sweep
2:52 PM: Warning: Failed to open file "c:\documents and settings\me\my documents\my videos\new folder\33.zip:zone.identifier". The system cannot find the file specified
2:52 PM: Found Adware: coolwebsearch (cws)
2:52 PM: dc1.url (ID = 54373)
2:52 PM: dc2.url (ID = 54472)
2:52 PM: Found Adware: directrevenue-abetterinternet
2:52 PM: a0023077.inf (ID = 83267)
2:52 PM: a0023085.inf (ID = 83180)
2:52 PM: a0023087.inf (ID = 83223)
2:52 PM: a0023089.inf (ID = 83267)
2:52 PM: a0023075.inf (ID = 83180)
2:52 PM: a0024303.ini (ID = 83499)
2:52 PM: a0023076.inf (ID = 83223)
2:54 PM: File Sweep Complete, Elapsed Time: 00:47:13
2:54 PM: Full Sweep has completed. Elapsed time 00:46:55
2:54 PM: Traces Found: 166
3:01 PM: Removal process initiated
3:02 PM: Quarantining All Traces: directrevenue-abetterinternet
3:02 PM: Quarantining All Traces: popuper
3:02 PM: Quarantining All Traces: security2k hijacker
3:02 PM: Quarantining All Traces: trojan-downloader-zlob
3:02 PM: Quarantining All Traces: coolwebsearch (cws)
3:02 PM: Quarantining All Traces: 2o7.net cookie
3:02 PM: Quarantining All Traces: 360i cookie
3:02 PM: Quarantining All Traces: 64.62.232 cookie
3:02 PM: Quarantining All Traces: 888 cookie
3:02 PM: Quarantining All Traces: a cookie
3:02 PM: Quarantining All Traces: about cookie
3:02 PM: Quarantining All Traces: addynamix cookie
3:02 PM: Quarantining All Traces: adecn cookie
3:02 PM: Quarantining All Traces: adjuggler cookie
3:02 PM: Quarantining All Traces: adknowledge cookie
3:02 PM: Quarantining All Traces: ad-logics cookie
3:02 PM: Quarantining All Traces: adorigin cookie
3:02 PM: Quarantining All Traces: adrevolver cookie
3:02 PM: Quarantining All Traces: ads.adsag cookie
3:02 PM: Quarantining All Traces: adserver cookie
3:02 PM: Quarantining All Traces: advertising cookie
3:02 PM: Quarantining All Traces: apmebf cookie
3:02 PM: Quarantining All Traces: ask cookie
3:02 PM: Quarantining All Traces: atlas dmt cookie
3:02 PM: Quarantining All Traces: atwola cookie
3:02 PM: Quarantining All Traces: banner cookie
3:02 PM: Quarantining All Traces: belnk cookie
3:02 PM: Quarantining All Traces: bluestreak cookie
3:02 PM: Quarantining All Traces: bravenet cookie
3:02 PM: Quarantining All Traces: bs.serving-sys cookie
3:02 PM: Quarantining All Traces: burstbeacon cookie
3:02 PM: Quarantining All Traces: burstnet cookie
3:02 PM: Quarantining All Traces: casalemedia cookie
3:02 PM: Quarantining All Traces: cc214142 cookie
3:02 PM: Quarantining All Traces: centrport net cookie
3:02 PM: Quarantining All Traces: clickagents cookie
3:02 PM: Quarantining All Traces: clickandtrack cookie
3:02 PM: Quarantining All Traces: clickbank cookie
3:02 PM: Quarantining All Traces: clickzs cookie
3:02 PM: Quarantining All Traces: commission junction cookie
3:02 PM: Quarantining All Traces: coremetrics cookie
3:02 PM: Quarantining All Traces: did-it cookie
3:02 PM: Quarantining All Traces: empnads cookie
3:02 PM: Quarantining All Traces: experclick cookie
3:02 PM: Quarantining All Traces: falkag cookie
3:02 PM: Quarantining All Traces: fastclick cookie
3:02 PM: Quarantining All Traces: findwhat cookie
3:02 PM: Quarantining All Traces: goclick cookie
3:02 PM: Quarantining All Traces: hbmediapro cookie
3:02 PM: Quarantining All Traces: hitslink cookie
3:02 PM: Quarantining All Traces: hotbar cookie
3:02 PM: Quarantining All Traces: humanclick cookie
3:02 PM: Quarantining All Traces: hypertracker.com cookie
3:02 PM: Quarantining All Traces: ic-live cookie
3:02 PM: Quarantining All Traces: maxserving cookie
3:02 PM: Quarantining All Traces: nextag cookie
3:02 PM: Quarantining All Traces: offeroptimizer cookie
3:02 PM: Quarantining All Traces: onestat.com cookie
3:02 PM: Quarantining All Traces: one-time-offer cookie
3:02 PM: Quarantining All Traces: overture cookie
3:02 PM: Quarantining All Traces: paypopup cookie
3:02 PM: Quarantining All Traces: pointroll cookie
3:02 PM: Quarantining All Traces: pro-market cookie
3:02 PM: Quarantining All Traces: qksrv cookie
3:02 PM: Quarantining All Traces: questionmarket cookie
3:02 PM: Quarantining All Traces: realmedia cookie
3:02 PM: Quarantining All Traces: reunion cookie
3:02 PM: Quarantining All Traces: revenue.net cookie
3:02 PM: Quarantining All Traces: rn11 cookie
3:02 PM: Quarantining All Traces: ru4 cookie
3:02 PM: Quarantining All Traces: screensavers.com cookie
3:02 PM: Quarantining All Traces: servedby advertising cookie
3:02 PM: Quarantining All Traces: server.iad.liveperson cookie
3:02 PM: Quarantining All Traces: serving-sys cookie
3:02 PM: Quarantining All Traces: shop@home cookie
3:02 PM: Quarantining All Traces: specificclick.com cookie
3:02 PM: Quarantining All Traces: spylog cookie
3:02 PM: Quarantining All Traces: statcounter cookie
3:02 PM: Quarantining All Traces: stlyrics cookie
3:02 PM: Quarantining All Traces: targetnet cookie
3:02 PM: Quarantining All Traces: tickle cookie
3:02 PM: Quarantining All Traces: tradedoubler cookie
3:02 PM: Quarantining All Traces: trafficmp cookie
3:02 PM: Quarantining All Traces: tribalfusion cookie
3:02 PM: Quarantining All Traces: tripod cookie
3:02 PM: Quarantining All Traces: websponsors cookie
3:02 PM: Quarantining All Traces: webtrendslive cookie
3:02 PM: Quarantining All Traces: xiti cookie
3:02 PM: Quarantining All Traces: yadro cookie
3:02 PM: Quarantining All Traces: yieldmanager cookie
3:02 PM: Quarantining All Traces: zedo cookie
3:20 PM: Removal process completed. Elapsed time 00:19:03
********
2:00 PM: | Start of Session, Sunday, November 20, 2005 |
2:00 PM: Spy Sweeper started
2:00 PM: Your spyware definitions have been updated.
2:01 PM: | End of Session, Sunday, November 20, 2005 |
Ewido
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{0519A9C9-064A-4cbc-BC47-D0EACD581477} -> Spyware.Icoo : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{465A59EC-20E5-4fca-A38A-E5EC3C480218} -> Spyware.Icoo : Cleaned with backup
HKLM\SOFTWARE\Classes\icoou.ICOODManager\CLSID\\ -> Spyware.Icoo : Cleaned with backup
HKLM\SOFTWARE\Classes\icoou.ICOODManager.1\CLSID\\ -> Spyware.Icoo : Cleaned with backup
HKLM\SOFTWARE\Classes\icooue.ICOOEHandler.1\CLSID\\ -> Spyware.Icoo : Cleaned with backup
HKLM\SOFTWARE\Classes\icooue.ICOOExternal\CLSID\\ -> Spyware.Icoo : Cleaned with backup
C:\!KillBox\svchosts.dll -> Not-A-Virus.Downloader.Win32.Spax.a : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@centrport[2].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@citi.bridgetrack[2].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@counter.hitslink[2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@coxhsi.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@data.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@ehg-console.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@ehg-kohls.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@ehg-legalmatch.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@gateway.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@mediaplex[2].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@sel.as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Amy\Cookies\amy@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@a.shopathomeselect[1].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ad-logics[1].txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@adorigin[2].txt -> Spyware.Cookie.Adorigin : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ads.addynamix[2].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@as-eu.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@bfast[2].txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@centrport[1].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@citi.bridgetrack[1].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@clickagents[1].txt -> Spyware.Cookie.Clickagents : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@commission-junction[2].txt -> Spyware.Cookie.Commission-junction : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@coxhsi.112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@cz8.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@data.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@edge.ru4[2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ehg-mbm.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@ehg-shoes.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@findwhat[1].txt -> Spyware.Cookie.Findwhat : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@gateway.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@hypertracker[2].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@mediaplex[2].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@mt.valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@pro-market[2].txt -> Spyware.Cookie.Pro-market : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@qksrv[2].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@revenue[2].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@rotator.adjuggler[2].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@server.iad.liveperson[2].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@shopathomeselect[1].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@spylog[1].txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@stat.onestat[2].txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@statse.webtrendslive[1].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@targetnet[1].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@valueclick[2].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@vip.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@www.shopathomeselect[2].txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Ashley\Cookies\ashley@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Me\Cookies\me@stats.adbrite[2].txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\WINDOWS\system32\1024\ld9E66.tmp -> TrojanDropper.Small.ahg : Cleaned with backup
Hijack This
Logfile of HijackThis v1.99.1
Scan saved at 3:32:29 PM, on 11/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\aim\aim.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Mach5 Software\Kremlin\Kremlin Sentry.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\SecuritySuite.exe
C:\Documents and Settings\Me\My Documents\Hijack this\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.emachines.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... _homepage/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.emachines.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 151.164.228.114:8000
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: HomepageBHO - {7caf96a2-c556-460a-988e-76fc7895d284} - C:\WINDOWS\system32\hp8A4E.tmp
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: Kremlin Sentry.LNK = C:\Program Files\Mach5 Software\Kremlin\Kremlin Sentry.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) -
http://web1.shutterfly.com/downloads/Uploader.cab
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe