Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer is acting weird

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer is acting weird

Unread postby williesbest2 » October 10th, 2005, 5:21 pm

Every once in a while my internet just seems to freeze and then all of a sudden I can't do anything on the internet, until I unplug my modem and turn off my computer and turn it back on. My hijackthis log is below:

Logfile of HijackThis v1.99.1
Scan saved at 4:19:25 PM, on 10/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\BigFix\BigFix.exe
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 8346180730
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://support.gateway.com/eSupport/sta ... launch.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ ... brkpie.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm
Advertisement
Register to Remove

Unread postby NonSuch » October 12th, 2005, 4:03 pm

Hi there, and welcome to the forums!

You have Counterspy and SpywareGuard running. Please disable them both before fixing the following entries in HijackThis...

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ ... brkpie.cab


Click on Fix Checked when finished and exit HijackThis.

Your log actually looks fairly clean and your current problem may have nothing to do with malware; but to make sure that your system really is that clean I'll need you to do several scans for me. When you do the ewido scan it is extremely important that you run it in Safe Mode otherwise it will not delete all the various infections it is capable of deleting. Also, while ewido is scanning, do nothing else on your computer and have all other windows closed.

First, download, install, and run CCleaner (so the scans won't take as long because CCleaner will clear out temporary files) *NOTE* CCleaner deletes EVERYTHING out of temp/temporary folders. If you have anything in a temp folder, back it up or move it to a permanent folder prior to running CCleaner!

Download CCleaner from here to clean temp files from your computer.
  • Double click on the file to start the installation of the program.
  • Select your language and click OK, then next.
  • Read the license agreement and click I Agree.
  • Click next to use the default install location. Click Install then finish to complete installation.
  • Double click the CCleaner shortcut on the desktop to start the program.
  • On the "Windows" tab, under "Internet Explorer," uncheck "Cookies" if you do not want them deleted. (If deleted, you will likely need to reenter your passwords at all sites where a cookie is used to recognize you when you visit).
  • If you use either the Firefox or Mozilla browsers, the box to uncheck for "Cookies" is on the Applications tab, under Firefox/Mozilla.
  • Click on "Options" at the top of the window, then click on the advanced" button.
    deselect "Only delete files in Windows Temp folders older than 48 hours." Click on "OK."
  • Click Run Cleaner to run the program.
  • Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items.
  • After CCleaner has completed its process, click Exit.
Please download ewido Security Suite
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu."
  • Launch ewido, there should be a big "E" icon on your desktop, double-click it.
  • The program will prompt you to update click the "OK" button
  • The program will now go to the main screen

    You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start

    The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.

    Once the updates are installed do the following:
  • If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
  • Reboot into Safe Mode, you can do this by restarting your computer, then contiunally tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Then, run ewido.
  • Close all open windows/programs/folders. Have nothing else open while ewido performs its scan!
  • Click on scanner
  • Click on Settings
    • Under "How to scan" all boxes should be selected
    • Under "Possibly unwanted software" all boxes should be selected
    • Under "What to scan" select scan every file
    • Click OK
  • Click on Complete system scan
  • Let the program scan the machine
  • If ewido finds anything, it will pop up a notification. NOTE: We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is
    legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged. In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action. DO NOT check "Perform action with all infections." If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

    Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
  • Click Save report
  • Save the report to your desktop

Reboot into normal mode.

Then, please run this online virus scan:
ActiveScan

Save the results from ActiveScan.

Download, install, update, configure and run a scan with Ad-aware SE v1.06:
  1. Download and Install AdAware SE Personal, keeping the default options. However, some of the settings will need to be changed before your first scan.
  2. Close ALL windows except Ad-Aware SE.
  3. Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
  4. Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:
    1. In the ‘General’ window make sure the following are selected in
      green:
      • Under Safety:
        • Automatically save log-file
        • Automatically quarantine objects prior to removal
        • Safe Mode (always request confirmation)
      • Under Definitions:
        • Prompt to update outdated definitions - set the number of days
  5. Click on the ‘Scanning’ button on the left and select in
    green:
    1. Under Driver, Folders & Files:
      • Scan Within Archives
    2. Under Select drives & folders to scan:
      • choose all hard drives
    3. Under Memory & Registry: all green
      • Scan Active Processes
      • Scan Registry
      • Deep Scan Registry
      • Scan my IE favorites for banned URL’s
      • Scan my Hosts file
  6. Click on the ‘Advanced’ button on the left and select in green:
    1. Under Shell Integration:
      • Move deleted files to recycle bin
    2. Under Logfile Detail Level: all green
      • include addtional object information
      • DESELECT - include negligible objects information
      • include environment information
    3. Under Alternate Data Streams:
      • Don't log streams smaller than 0 bytes
      • Don't log ADS with the following names: CA_INOCULATEIT
  7. Click the ‘Tweak’ button and select in green:
    1. Under ‘Scanning Engine’:
      • Unload recognized processes during scanning
      • Scan registry for all users instead of current user only
    2. Under ‘Cleaning Engine’:
      • Let Windows remove files in use at next reboot
    3. Under Log Files:
      • Include basic Ad-aware SE settings in logfile
      • Include additional Ad-aware SE settings in logfile
      • Please do not check: Include Module list in logfile
  8. Click on ‘Proceed’ to save the settings.
  9. Click ‘Start’
  10. Choose 'Perform Full System Scan'
  11. DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
  12. Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
  13. If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window.
  14. Right-click on the list and choose Select All
  15. Click the Next button to finish removing the items that were found.
  16. When finished, REBOOT to complete the removal of what Ad-Aware SE found

Please post the log from Ewido, the log from ActiveScan, and a new HiJackThis log into this topic. Do NOT post the Ad-aware log.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California

Unread postby williesbest2 » October 13th, 2005, 7:21 am

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:19:24 AM, 10/13/2005
+ Report-Checksum: A4F355C5

+ Scan result:

:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.384:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.385:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.387:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.391:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.394:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.438:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.441:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.453:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.457:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.458:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.460:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.463:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.465:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.467:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.468:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.469:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.478:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.492:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.537:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.539:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.541:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.549:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.550:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.574:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.576:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.578:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.579:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.583:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.584:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.585:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.597:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.608:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.609:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.620:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.623:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.625:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.626:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.627:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.628:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.629:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.630:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.631:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.632:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.634:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.635:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.636:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.644:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.655:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.656:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.657:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.665:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.672:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.688:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.689:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.699:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.700:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.703:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.706:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.707:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.716:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Directnetadvertising : Cleaned with backup
:mozilla.717:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Directnetadvertising : Cleaned with backup
:mozilla.728:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.729:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.733:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.737:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.742:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.770:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.771:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.772:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.781:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.782:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.792:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.795:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.797:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.808:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.810:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.811:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.813:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.832:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.833:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.842:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.843:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.844:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.845:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.850:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.894:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.912:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
:mozilla.921:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.926:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.927:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.928:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.931:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.962:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.963:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.968:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.970:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.979:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.980:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjligldpagq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\U7IXOTQF\cpbrkpie[1].cab/cpbrkpie.ocx -> Spyware.Coupons : Cleaned with backup
C:\Program Files\Mozilla Firefox\FireDLL.dll -> TrojanNotifier.Small.a : Cleaned with backup
C:\WINDOWS\cpbrkpie.ocx -> Spyware.Coupons : Cleaned with backup
C:\WINDOWS\system32\MRT.exe -> Heuristic.Win32.AVKiller : Cleaned with backup


::Report End

That's from Ewido. I'll post a HijackThis log in a little while.
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm

Unread postby williesbest2 » October 13th, 2005, 7:23 am

Logfile of HijackThis v1.99.1
Scan saved at 6:22:31 AM, on 10/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 8346180730
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://support.gateway.com/eSupport/sta ... launch.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ ... brkpie.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ ... brkpie.cab Is still there after safe mode removal, detection, and delete. It's back. Thanks for your help by the way.
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm

Unread postby NonSuch » October 13th, 2005, 8:55 am

Hello, williesbest2! :)

First, let me assure you that this is not a virus or a trojan. It is detected as a "potentially unwanted program." It is a direct-marketing application that delivers coupon offers to end users. Let's see if we can get rid of it for you.

Please print out the following instructions so you will have them readily at hand...
  • Next, make certain that you have all applications disabled that would block potential changes to the registry or prevent removal of programs...

    SpywareGuard

    Right click the running icon of SpywareGuard in the system tray to open the program. Then go to Menu, File, and choose Exit. It will automatically restart at next boot.

    CounterSpy

    1. Right-click the running icon of CounterSpy in the sytem tray.
    2. With your mouse, hover over Active Protection Status (This should be enabled).
    3. A menu will slide out and then you need to right click on "Disable Active Protection."
  • Go to your Control Panel's Add/Remove Programs to search for and remove any dubious appearing programs such as toolbars and/or search bars that you did not knowingly install. Look for anything related to "Coupons." If any are found, remove them.
  • Using Windows Explorer, navigate to and delete, if it still remains, the following file...

    C:\WINDOWS\cpbrkpie.ocx
  • Next, go here and delete all files from this folder...

    C:\WINDOWS\Downloaded Program Files\

  • Please run Notepad and paste the following text into a new file:

    REGEDIT4

    [-HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}]


    Save the file to the desktop as fix.reg and make sure the "Save as Type" field says "All Files." Then please go to the desktop and double-click on fix.reg, and click "Yes" to merge it with the registry.

  • Copy the bold red text below into a new notepad document (not wordpad).
    Click file> save as...> call it Hijackthis.bat > save as file type *all files* > and save it to your desktop...

    @echo off
    cd\
    echo REGEDIT4>Temp.reg
    echo.>>Temp.reg
    echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx]>>Temp.reg
    echo "Flags"=dword:00000008>>Temp.reg
    echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\000]>>Temp.reg
    echo "runonce"="\"\\!HJT.bat\"">>Temp.reg
    echo.@echo off>!HJT.BAT
    Echo.echo Hijackthis will open before the windows desktop>>!HJT.BAT
    echo.echo Scan and Fix only what your forum adviser suggested>>!HJT.BAT
    echo pause>>!HJT.BAT
    echo.start hijackthis.exe>>!HJT.BAT
    echo.echo ONLY when finished with hijackthis close it and,..>>!HJT.BAT
    echo pause>>!HJT.BAT
    echo.del Temp.reg>>!HJT.BAT
    echo.CLS>>!HJT.BAT
    echo.exit>>!HJT.BAT
    regedit.exe /s Temp.reg
    echo Please restart your PC now
    Echo Just before the desktop loads Hijackthis will open,
    echo Scan and Fix only what your forum adviser suggested
    pause
    CLS
    exit


    Run HijackThis.bat then restart your PC.

    HijackThis will open before the desktop loads, scan and fix the following entry then close hijackthis...

    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4056/ ... brkpie.cab
  • When finished with all of the above, please scan with ewido again, exactly as before, then, in normal mode, scan with HijackThis and post a fresh HijackThis log and the results of the ewido scan into this same thread.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California

Unread postby williesbest2 » October 13th, 2005, 6:23 pm

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:22:02 PM, 10/13/2005
+ Report-Checksum: 7FABF619

+ Scan result:

:mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.384:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.385:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.387:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.393:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.394:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.438:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.441:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.453:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.457:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.458:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.460:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.463:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.465:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.467:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.468:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.469:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.478:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.496:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.497:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.537:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.539:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.541:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.547:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.548:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.572:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.573:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.574:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.576:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.583:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.595:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.618:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.621:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.623:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.624:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.625:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.626:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.627:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.628:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.629:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.631:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.632:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.633:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.641:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.650:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.651:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.652:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.662:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.669:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.685:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.686:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.697:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.700:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.703:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.704:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.713:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Directnetadvertising : Cleaned with backup
:mozilla.714:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Directnetadvertising : Cleaned with backup
:mozilla.725:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.726:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.730:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.734:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.738:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.766:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.767:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.768:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.777:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.778:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.788:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.791:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.793:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.804:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.805:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.806:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.807:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.828:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.829:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.838:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.839:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.840:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.841:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.846:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.890:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.908:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hotlog : Cleaned with backup
:mozilla.917:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.922:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.923:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.924:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.927:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.958:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.959:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.964:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.966:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.975:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.976:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\57rthiph.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup


::Report End
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm

Unread postby williesbest2 » October 13th, 2005, 6:52 pm

Logfile of HijackThis v1.99.1
Scan saved at 5:51:30 PM, on 10/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 8346180730
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://support.gateway.com/eSupport/sta ... launch.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm

Unread postby NonSuch » October 13th, 2005, 7:13 pm

Well, williesbest2, that seems to have cleared it out. :D Hopefully, your system will now be more stable.

I see that ewido cleared out another large batch of spyware cookies. You may need to tighten up your security settings.

The following is what I normally post when a log is clean, which yours certainly appears to be now. Some of the information may not apply to your system, but I believe you'll find much of it to be useful.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

  1. Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
    You can find instructions on how to enable and re enable system restore here:
    Managing Windows Millennium System Restore
    or
    Windows XP System Restore Guide
    re-enable system restore with instructions from tutorial above
  2. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.

      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialise and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.
  3. Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. See this link for a listing of some online & their stand-alone anti virus programs:
    Computer Safety On line - Anti-Virus
  4. Update your Anti Virus Software - It is imperative that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
  5. Use a Firewall - I cannot stress how important it is that you use a firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. For an article on firewalls and a listing of some available ones see the link below:
    Computer Safety On line - Software Firewalls
  6. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  7. Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
    Instructions for - Spybot S & D and Ad-aware
  8. Install Ad-Aware - Install and download Ad-Aware. You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here:
    Instructions for - Spybot S & D and Ad-aware
  9. Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line - Anti-Malware
  10. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California

Unread postby williesbest2 » October 13th, 2005, 9:02 pm

Thanks for your help.
User avatar
williesbest2
Regular Member
 
Posts: 62
Joined: September 25th, 2005, 11:50 pm

Unread postby NonSuch » October 14th, 2005, 2:16 am

You're very welcome. :)
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California

Unread postby NonSuch » October 16th, 2005, 10:02 pm

Glad we could be of assistance.

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 490 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware