Thank you so much for the instructions! I have done everything and will post the Hijack This and Ewido logs. I have Zone Alarm for a firewall. What is the best software to help keep all of this spyware off of the computer? The kids use Instant Messenger and iTunes. I appreciate all of your help and expertise!
HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 12:12:07 AM, on 10/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HPINST~1\Pavilion\XPHNABS3EN\plugin\bin\pchbutton.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\SpywareGuard\sgmain.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\AOL\1128043387\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1128043387\ee\AOLServiceHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6711
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1128043387\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\Pavilion\XPHNABS3EN\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone:
http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -
http://usercenter.cox.net/rsuite/sdccom ... gctlcm.jsp
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) -
http://www.mathxl.com/wizmodules/testge ... nstall.cab
O16 - DPF: {9C3E8350-5873-4D8E-A1D4-DCB9E885E86D} (CYBSnoop Control) -
http://www.cybersitterhelp.com/snooper/ ... XSnoop.ocx
O16 - DPF: {C4DD6732-1E82-4AE7-BD94-180331B84082} (DeltaCVX Control) -
http://www.mathxl.com/applets/deltacvx.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Ewido Log:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 11:57:39 PM, 10/21/2005
+ Report-Checksum: 9B583B1D
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.NetNucleus : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{0F2A4ADC-DABF-4980-8DB4-19F67D7B1F95} -> Spyware.ClearSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{0F2A4ADC-DABF-4980-8DB4-19F67D7B1F95}\TypeLib\\ -> Spyware.ClearSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8C505A6B-124B-4768-8FD3-1A066C839848} -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{8C505A6B-124B-4768-8FD3-1A066C839848}\TypeLib\\ -> Spyware.BlazeFind : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{E82431BF-E8A2-45CA-8361-E5517588CDA1}\TypeLib\\ -> Spyware.RelatedLinks : Cleaned with backup
HKLM\SOFTWARE\Dsi -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75} -> Spyware.NetNucleus : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Cleaned with backup
HKU\S-1-5-21-3627264205-4118304944-2170005720-1006\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Cleaned with backup
HKU\S-1-5-21-3627264205-4118304944-2170005720-1006\Software\Mvu -> Spyware.Delfin : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Kids\Application Data\Mozilla\Firefox\Profiles\qev59s3m.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@e-2dj6wfl4ogc5eaq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@e-2dj6wfliokdpclp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@e-2dj6wjkocodjgho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@e-2dj6wjny-1pcpwk.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kids\Cookies\kids@e-2dj6wjnygid5mgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kids\Local Settings\Temp\dinst.exe -> TrojanDownloader.Intexp.d : Cleaned with backup
C:\install_george.exe.tcf -> Spyware.PurityScan : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\0AC1D626-6F69-4D1C-811A-05EEAF\B0DFD8EB-231E-430D-9D67-11DFBF -> Spyware.Delfin : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\3E516BD1-02BE-4248-A27A-AE2D15\ED85D7DB-459B-4618-ABAE-E5648B -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6E2078FC-44D7-4ED9-B834-E40FF9\5DADCC8E-4C58-4677-B159-69DC14 -> Trojan.Stervis.d : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\6E2078FC-44D7-4ED9-B834-E40FF9\607ACD8A-05F0-45A3-8F24-51B7A1 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\753BDA3F-B237-4C61-8D1E-2FC6DF\78BD5D62-6602-456B-BF17-563663 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\79EC92CD-0360-4F0A-9EEB-08F24D\EE4CAE7C-E758-4A34-BBA6-B6146A -> Trojan.Agent.iw : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\7B83051C-354A-4883-8944-EB9649\905B1DBC-1755-482C-9636-C0B2D0 -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8002425B-F2F0-4B24-BFD0-C0B5A3\0B4A1B5B-11C7-4090-BB5A-B5EB8D -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\82FC3226-511A-4B86-BC57-289182\1B932D33-DC7B-4DDB-AA7C-61A615 -> Trojan.Agent.ic : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8B0597DC-F268-4C7B-AB5D-770070\9B51D5D9-32FC-4D20-BC31-061C2C -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8CCF143D-A59D-42FC-AF77-3C4688\3FB5A92D-77DC-4FCA-AF1D-F8177B -> Trojan.Agent.db : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9E9F0A07-E26D-4307-BE4D-90A1C6\368BE39B-D213-4077-8F61-7BC04B -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9E9F0A07-E26D-4307-BE4D-90A1C6\59288B35-966B-49C3-BC5B-101BD8 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\9E9F0A07-E26D-4307-BE4D-90A1C6\9F21B7A6-748B-4EDF-9263-7BE358 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CB640A48-C1B4-4203-8BB0-B69556\881E12B3-720D-4297-9994-B842DE -> Trojan.Agent.db : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CCA95F34-B3E7-4EFE-98AA-27FA36\0D841EC0-95F7-4BF6-B4C9-E2E593 -> Adware.SaveNow : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CCA95F34-B3E7-4EFE-98AA-27FA36\48151C21-F987-4C71-BF8D-0E5D58 -> Spyware.Getmirar : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CF37213D-D2F1-4CCB-9BCA-C4D7B4\2F449B8C-9DED-4FFF-AC7C-B24065 -> Trojan.Agent.db : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\DBF40DD3-8DB0-439E-9DE6-202C8C\729FC938-E917-46EC-A606-D30481 -> Trojan.Agent.km : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/liqp7c25q_.dll -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/atrc8parb_.exe -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/umqltg4cl_.exe -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/hqrhil7kg_.exe -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/umqltg4cl_.ini -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\setup4021.cab/update.exe -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc123\umqltg4cl_.ini -> Adware.SAHA : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc20.tmp\thnall1z.exe -> Adware.BetterInternet : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc232.tmp -> TrojanDownloader.Siboco : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc438.tcf/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc438.tcf/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc600.tmp -> Spyware.180Solutions : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc602.tmp/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc602.tmp/clientax.dll -> Spyware.180Solutions : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc704.tcf -> TrojanDownloader.IstBar : Cleaned with backup
C:\RECYCLER\S-1-5-21-3627264205-4118304944-2170005720-1006\Dc91.tmp\m67m.ocx -> Spyware.MediaMotor : Cleaned with backup
C:\temp\WinTaskAdInstPack.exe -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\installer_MARKETING48.exe.tcf -> TrojanDownloader.Adload.a : Cleaned with backup
C:\WINDOWS\gpwtcf.exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\Nail.exe.tcf -> Trojan.Agent.km : Cleaned with backup
C:\WINDOWS\Nail.exe5758.tcf -> Trojan.Agent.km : Cleaned with backup
C:\WINDOWS\system32\MSAgentXP.exe.tcf -> TrojanDownloader.Reqlook.c : Cleaned with backup
C:\WINDOWS\system32\wnsintcc.exe.tcf -> Spyware.PurityScan : Cleaned with backup
C:\WINDOWS\yrnrnc.exe -> Adware.BetterInternet : Cleaned with backup
::Report End