Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hi, here is my Log File then...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Hi, here is my Log File then...

Unread postby breeze » February 10th, 2006, 10:11 am

Hi guys, as requested in the title, here is my logfile from hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 14:11:02, on 10/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\anVzdGluIGZpZWxk\command.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\iNet Protector\IProtectorService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$PROVIDUSSTD\Binn\sqlservr.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PGPserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\PRISMSVR.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\sory.exe
C:\WINDOWS\Marketing Tips Messenger.exe
C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe
C:\Program Files\iNet Protector\iprotect.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\wintask.exe
C:\windows\winsysban7.exe
C:\WINDOWS\newfrn.exe
C:\Program Files\Mpqyt\Opbuu.exe
C:\WINDOWS\SYSC00.exe
C:\WINDOWS\ms055954611607.exe
C:\WINDOWS\win32075461160759.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\VCClient\VCMain.exe
C:\PROGRA~1\COMMON~1\ikqu\ikqum.exe
C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\Monitor.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\BT Voyager\BT Voyager Wireless\WLM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PGP Corporation\PGP for Windows XP\PGPtray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\COMMON~1\ikqu\ikqua.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\VCClient\VCClient.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HIJACKTHIS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB57.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DSKEY] C:\WINDOWS\system32\DsKey.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [REGRUN] C:\sory.exe
O4 - HKLM\..\Run: [Marketing Tips Messenger] C:\WINDOWS\Marketing Tips Messenger.exe
O4 - HKLM\..\Run: [AS00_WPN511] C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe -hide
O4 - HKLM\..\Run: [inetprot] "C:\Program Files\iNet Protector\iprotect.exe" tray
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd7.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask.exe
O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban7.exe
O4 - HKLM\..\Run: [NewFrn] C:\WINDOWS\newfrn.exe
O4 - HKLM\..\Run: [Gjjyn] C:\Program Files\Mpqyt\Opbuu.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [ms055954611607] C:\WINDOWS\ms055954611607.exe
O4 - HKLM\..\Run: [win32075461160759] C:\WINDOWS\win32075461160759.exe
O4 - HKLM\..\Run: [win.exe] C:\WINDOWS\system32\win.exe
O4 - HKLM\..\Run: [MTE2ODI6ODoxNg.exe] C:\WINDOWS\system32\MTE2ODI6ODoxNg.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WPSched3] "C:\PROGRA~1\WEBPOS~1\WPSched3.exe" MINIMIZE
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [ikqu] C:\PROGRA~1\COMMON~1\ikqu\ikqum.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: 3Com Wireless 11g PC Card.lnk = C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\Monitor.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BT Voyager Wireless Utility.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PGPtray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: BT - {8D76BDB8-5A27-4E10-B492-ED32F0CF2B8A} - http://www.bt.com (file missing) (HKCU)
O9 - Extra button: Homepage - {DE23D815-3480-4D6B-BE0B-FD369AC8CF22} - http://bt.yahoo.com (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... ml350.html
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {5E0BD5F5-FF74-4436-BEBB-9B62298E2DD4} (Textinput Class) - http://www.aceflex.com/demos/aceflexb2c ... tmlctl.cab
O16 - DPF: {61F8894B-CA7F-4964-AB94-F5BC48EE79DD} (QSAPI Active WebMenu 2.0) - http://www.qsapi.com/Demos/AWM20/CAB/QS ... Menu20.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://locator1.cdn.imagesrvr.com/sites ... nstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C762DC2-C685-4C5E-A179-16A42DF48735}: NameServer = 217.13.128.17,217.13.128.27
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF929751-7500-461A-A08E-4AA733344717}: NameServer = 192.168.0.2,217.13.128.17
O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\system32\wowctl2.dll
O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\mvn2l95o1.dll
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\anVzdGluIGZpZWxk\command.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Internet Protector System Service (InternetProtectorService) - Unknown owner - C:\Program Files\iNet Protector\IProtectorService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL41 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\WINDOWS\Pointdev\VNC\WinVNC.exe" -service (file missing)

Thanks in advance for any help.

Best Regards

Breeze.
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am
Advertisement
Register to Remove

Unread postby amateur » February 10th, 2006, 8:41 pm

Hi Breeze, :D

Welcome to MR. :D You have quite a lot in there. :( No wonder! You have NO ANTIVIRUS. Please download and install one of the following free ones, update and run a full system scan before you do anything else: Make sure that you have only ONE antivirus running on your computer as more than one would cause conflict and render the computer vulnerable.

AVG Free here
Avast here
AntiVir here

Then, let's do some cleaning and see what we are left with.

Download ATF Cleaner by Atribune and save it to your Desktop.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache

The rest are optional - if you want to remove the lot, check "Select All".

Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.

If you use the Firefox or Opera browsers, you can use this program as a quick way to tidy those up as well.

Firefox :
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Opera :
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

When you have finished, click on the Exit button in the Main menu.

For Technical Support, double-click the e-mail address located at the bottom of each menu

========================================================================

Download Ewido Security Suit

When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
From the main ewido screen, click on update in the left menu, then click the Start update button.
After the update finishes (the status bar at the bottom will display "Update successful") Do not run it yet.

========================================================
Download WebRoot SpySweeper from here (It's a 2 week trial):
  • Click the Free Trial link on the right - next to "SpySweeper for Home Computers" to download the program.
  • Double-click the file to install it as follows:
    • Click "Next", read the agreement, Click "Next"
    • Choose "Custom" click "Next".
    • Leave the default installation directory as it is, then click "Next".
    • UNcheck "Run SpySweeper at Windows Startup" and "Add Sweep for Spyware to Windows Explorer Context Menu". Click "Next".
    • On the following screen you can leave the e-mail address field blank, if you wish. Click "Next".
    • Finally, click "Install"
  • Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Options on the left side.
  • Click the Sweep Options tab.
  • Under What to Sweep please put a check next to the following:
    • Sweep Memory
    • Sweep Registry
    • Sweep Cookies
    • Sweep All User Accounts
    • Enable Direct Disk Sweeping
    • Sweep Contents of Compressed Files
    • Sweep for Rootkits
    • Please UNCHECK Do not Sweep System Restore Folder.
  • Click Shields on the left.
  • Click Internet Explorer and uncheck all items.
  • Click Windows System and uncheck all items.
  • Click Startup Programs and uncheck all items.
  • Click Sweep Now on the left side.
  • Click the Start button.
  • When it's done scanning, click the Next button.
  • Make sure everything has a check next to it, then click the Next button.
  • It will remove all of the items found.
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.
  • After Spysweeper has finished and removed any items found, reboot your computer right away to ensure the infection is fully removed
Spy Sweeper initially quarantines the spyware it finds on your computer. DO NOT remove items from Quarantine, until after you verify your system still functions properly once spyware has been quarantined. After reboot ensure important programs still work before you remove any items from Quarantine.

=======================================================================

Download Spybot S & D

a. In the Menu Bar at the top of the Spybot window you will see 'Mode'. Make certain that 'default mode' has a check mark beside it.
b. Close ALL windows except Spybot S&D
c. Click the button to 'Search for Updates' then download and install the Updates. Remember to "immunize" after updating so that the latest definitions can be enabled.

Next click the button 'Check for Problems'
When Spybot is complete, it will be showing RED entries, BLACK entries and GREEN entries in the window.
Make sure that there is a check mark beside all of the RED entries ONLY.
Choose Fix Selected Problems and allow Spybot to fix the RED entries.

If it has trouble removing any spyware, you will get a message window, asking if it would be ok to run Spybot - S&D on the next reboot before any other applications start running. You should reply Yes to this. The next time you start Windows, Spybot will run automatically and fix any of the programs it could not fix previously.

At this point you will be presented with the list of found entries again, but now there will be large green checkmarks next to the items that Spybot - S&D was able to remove. The ones that are still checked but do not have the large green checkmark next to them will be fixed on the next reboot of windows. Reboot to clear memory.

==================================================

Please download the free Ad-Aware SE and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.

Run Ad-Aware, and click Check for updates now.

Select Configurations (click the Gear wheel at the top) as follows:

  • General Button > Safety & Settings: Check (Green) all three.
  • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Click Proceed.
To start the scan, Click > "Scan Now" at left

  • Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
  • Select "Search for low-risk threats"
  • Select "Perform full system scan"
  • Click Next
4) When the scan has completed, select Next. [list]
[*]In the Scanning Results window, select the "Critical Objects" tab.
[*]Right-click on the screen and choose "Select all objects"
[*]Click Next to remove the infections found, and click OK to the prompt.
[*]Next, please reboot your computer in Safe Mode by doing the following:

After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
Look in here for more information, if needed.

======================================================================

Run Ewido Security Suit

Click on the Scanner button in the left menu, then click on Settings, and under "What to scan?", select "Every file" then click ok.
Then click on Complete System Scan. This scan can take quite a while to run.

If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and then follow the instructions

If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.
=====================================================================

Reboot in Normal Mode to complete the scan and clear memory.

=====================================================================

Run Panda's ActiveScan from here and perform a full system scan.
- Once you are on the Panda site click the "Scan your PC" button
- A new window will open...click the big "Check Now" button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It will take a couple minutes)
- Click on "Local Disks" to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

=======================================================================
Please post:
a new HijackThis log,
Spysweeper log,
Ewido report
Panda online Scan result


You may have to post them separately if they are too long.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 13th, 2006, 9:09 am

Thanks Amateur,

I am going through these stages now and will post back the results.

Thank You for your time

Best Regards
Breeze
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby amateur » February 13th, 2006, 9:23 am

:thumbright:
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 13th, 2006, 11:21 am

Spy Sweeper:

********
13:39: | Start of Session, 13 February 2006 |
13:39: Spy Sweeper started
13:39: Sweep initiated using definitions version 613
13:39: Found Adware: surfsidekick
13:39: HKLM\software\microsoft\windows\currentversion\run\ || surfsidekick 3 (ID = 1055336)
13:39: Ssk.exe (ID = 1055336)
13:39: HKCR\clsid\{02ee5b04-f144-47bb-83fb-a60bd91b74a9}\inprocserver32\ (2 subtraces) (ID = 1055337)
13:39: SskBho.dll (ID = 1055337)
13:39: Found Adware: findthewebsiteyouneed hijacker
13:39: HKLM\software\microsoft\windows\currentversion\run\ || winsysupd (ID = 1145796)
13:39: winsysupd7.exe (ID = 1145796)
13:39: HKLM\software\microsoft\windows\currentversion\run\ || winsysban (ID = 1145797)
13:39: winsysban7.exe (ID = 1145797)
13:39: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\windows\currentversion\run\ || surfsidekick 3 (ID = 1055335)
13:39: Ssk.exe (ID = 1055335)
13:39: Starting Memory Sweep
13:39: Detected running threat: C:\WINDOWS\system32\repairs302972994.dll (ID = 242406)
13:39: Found Adware: command
13:39: Detected running threat: C:\WINDOWS\anVzdGluIGZpZWxk\asappsrv.dll (ID = 144945)
13:40: Detected running threat: C:\WINDOWS\anVzdGluIGZpZWxk\command.exe (ID = 144946)
13:42: Detected running threat: C:\Program Files\Network Monitor\netmon.exe (ID = 231443)
13:45: Found Adware: effective-i toolbar
13:45: Detected running threat: C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (ID = 106574)
13:45: Detected running threat: C:\Program Files\SurfSideKick 3\SskBho.dll (ID = 242398)
13:45: Detected running threat: C:\Program Files\SurfSideKick 3\SskCore.dll (ID = 242399)
13:46: Detected running threat: C:\Program Files\Common Files\VCClient\VCMain.exe (ID = 212830)
13:46: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Run || CU2 (ID = 0)
13:47: Detected running threat: C:\Program Files\Common Files\VCClient\VCClient.exe (ID = 212828)
13:47: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Run || CU1 (ID = 0)
13:47: Memory Sweep Complete, Elapsed Time: 00:07:59
13:47: Starting Registry Sweep
13:47: Found Adware: findthewebsiteyouneed hijack
13:47: HKLM\software\microsoft\internet explorer\search\ || searchassistant (ID = 125242)
13:47: HKCR\clsid\{44be0690-5429-47f0-85bb-3ffd8020233e}\ (6 subtraces) (ID = 125653)
13:47: HKLM\software\classes\clsid\{44be0690-5429-47f0-85bb-3ffd8020233e}\ (6 subtraces) (ID = 125656)
13:47: HKLM\software\effective-i\ (26 subtraces) (ID = 125658)
13:47: HKLM\software\microsoft\internet explorer\toolbar\ || {44be0690-5429-47f0-85bb-3ffd8020233e} (ID = 125665)
13:47: HKLM\software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator\ (9 subtraces) (ID = 125671)
13:47: Found Adware: internetoptimizer
13:47: HKCR\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}\ (8 subtraces) (ID = 128885)
13:47: HKLM\software\classes\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}\ (8 subtraces) (ID = 128896)
13:47: HKLM\software\microsoft\windows\currentversion\uninstall\rotue\ (ID = 128925)
13:47: Found Adware: moneytree
13:47: HKCR\interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0}\ (8 subtraces) (ID = 135185)
13:48: Found Adware: elitemediagroup-mediamotor
13:48: HKCR\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\ (23 subtraces) (ID = 140032)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\inprocserver32\ (2 subtraces) (ID = 140081)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\miscstatus\ (3 subtraces) (ID = 140082)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\progid\ (1 subtraces) (ID = 140083)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\toolboxbitmap32\ (1 subtraces) (ID = 140084)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\typelib\ (1 subtraces) (ID = 140085)
13:48: HKLM\software\classes\clsid\{7149e79c-dc19-4c5e-a53c-a54ddf75eee9}\version\ (1 subtraces) (ID = 140086)
13:48: HKLM\software\classes\typelib\{466c63ac-f26e-49f1-861a-e07da768a46a}\ (18 subtraces) (ID = 140131)
13:48: HKCR\typelib\{466c63ac-f26e-49f1-861a-e07da768a46a}\ (18 subtraces) (ID = 140223)
13:48: HKCR\clsid\{02ee5b04-f144-47bb-83fb-a60bd91b74a9}\ (3 subtraces) (ID = 143389)
13:48: HKLM\software\classes\clsid\{02ee5b04-f144-47bb-83fb-a60bd91b74a9}\ (3 subtraces) (ID = 143392)
13:48: HKLM\software\microsoft\internet explorer\urlsearchhooks\ || {02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 143400)
13:48: HKLM\software\microsoft\windows\currentversion\run\ || surfsidekick 3 (ID = 143406)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\surf sidekick\ (2 subtraces) (ID = 143408)
13:48: HKLM\software\surfsidekick3\ (2 subtraces) (ID = 143413)
13:48: HKLM\software\microsoft\windows nt\currentversion\windows\ || appinit_dlls (ID = 819064)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ (7 subtraces) (ID = 892523)
13:48: Found Adware: enbrowser
13:48: HKLM\software\system\sysold\ (3 subtraces) (ID = 926808)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || nomodify (ID = 958653)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || noremove (ID = 958654)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || norepair (ID = 958655)
13:48: HKLM\system\currentcontrolset\services\cmdservice\ (12 subtraces) (ID = 958670)
13:48: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\0000\ (8 subtraces) (ID = 1016064)
13:48: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\ (10 subtraces) (ID = 1016072)
13:48: HKLM\software\microsoft\windows\currentversion\run\ || themonitor (ID = 1028873)
13:48: Found Adware: mirar webband
13:48: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\system32\winats.dll (ID = 1055333)
13:48: Found Trojan Horse: trojan-downloader-dh
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\dh\ (2 subtraces) (ID = 1057035)
13:48: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/winats.dll\ (2 subtraces) (ID = 1066860)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be}\ (7 subtraces) (ID = 1110756)
13:48: HKLM\software\microsoft\windows\currentversion\run\ || winsysupd (ID = 1121711)
13:48: HKLM\software\microsoft\windows\currentversion\run\ || winsysban (ID = 1121712)
13:48: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || uninstallstring (ID = 1134952)
13:48: Found Adware: winantispyware 2005
13:48: HKLM\software\winfixer_2006\ (ID = 1137189)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\effective-i\ (7 subtraces) (ID = 125657)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\maxthon\plugin\toolbar\{44be0690-5429-47f0-85bb-3ffd8020233e}\ (1 subtraces) (ID = 125661)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\internet explorer\toolbar\ || {44be0690-5429-47f0-85bb-3ffd8020233e} (ID = 125662)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\internet explorer\toolbar\webbrowser\ || {44be0690-5429-47f0-85bb-3ffd8020233e} (ID = 125668)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\internet explorer\urlsearchhooks\ || {02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 143397)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\windows\currentversion\run\ || surfsidekick 3 (ID = 143403)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\surfsidekick3\ (3 subtraces) (ID = 143412)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\internet explorer\urlsearchhooks\ || _{02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 165102)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\system\sysuid\ (1 subtraces) (ID = 731748)
13:48: Found Adware: zquest
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\internet explorer\desktop\components\0\ || source (ID = 1140816)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\windows\currentversion\run\ || cu1 (ID = 1140965)
13:48: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\software\microsoft\windows\currentversion\run\ || cu2 (ID = 1140966)
13:48: Registry Sweep Complete, Elapsed Time:00:01:08
13:48: Starting Cookie Sweep
13:48: Found Spy Cookie: burstbeacon cookie
13:48: administrator@www.burstbeacon[1].txt (ID = 2335)
13:48: Found Spy Cookie: myaffiliateprogram.com cookie
13:48: administrator@www.myaffiliateprogram[1].txt (ID = 3032)
13:49: Found Spy Cookie: 2o7.net cookie
13:49: justin@112.2o7[2].txt (ID = 1958)
13:49: Found Spy Cookie: 50881381 cookie
13:49: justin@50881381[2].txt (ID = 1981)
13:49: Found Spy Cookie: 64.62.232 cookie
13:49: justin@64.62.232[2].txt (ID = 1987)
13:49: Found Spy Cookie: 66.70.21 cookie
13:49: justin@66.70.21[1].txt (ID = 1999)
13:49: Found Spy Cookie: 888 cookie
13:49: justin@888[1].txt (ID = 2019)
13:49: justin@888[2].txt (ID = 2019)
13:49: Found Spy Cookie: websponsors cookie
13:49: justin@a.websponsors[1].txt (ID = 3665)
13:49: Found Spy Cookie: aa cookie
13:49: justin@aa[2].txt (ID = 2029)
13:49: Found Spy Cookie: go.com cookie
13:49: justin@abcnews.go[1].txt (ID = 2729)
13:49: Found Spy Cookie: about cookie
13:49: justin@about[1].txt (ID = 2037)
13:49: Found Spy Cookie: yieldmanager cookie
13:49: justin@ad.yieldmanager[1].txt (ID = 3751)
13:49: Found Spy Cookie: epilot cookie
13:49: justin@adcenter.epilot[1].txt (ID = 2622)
13:49: Found Spy Cookie: hbmediapro cookie
13:49: justin@adopt.hbmediapro[1].txt (ID = 2768)
13:49: Found Spy Cookie: hotbar cookie
13:49: justin@adopt.hotbar[2].txt (ID = 4207)
13:49: Found Spy Cookie: specificclick.com cookie
13:49: justin@adopt.specificclick[1].txt (ID = 3400)
13:49: Found Spy Cookie: ads.businessweek cookie
13:49: justin@ads.businessweek[1].txt (ID = 2113)
13:50: Found Spy Cookie: searchingbooth cookie
13:50: justin@ads.searchingbooth[1].txt (ID = 3322)
13:50: Found Spy Cookie: revenue.net cookie
13:50: justin@ads1.revenue[1].txt (ID = 3258)
13:50: Found Spy Cookie: hyperbanner cookie
13:50: justin@ads12.hyperbanner[2].txt (ID = 2816)
13:50: Found Spy Cookie: bpath cookie
13:50: justin@ads18.bpath[1].txt (ID = 2321)
13:50: Found Spy Cookie: aff6007 cookie
13:50: justin@aff6007[1].txt (ID = 2193)
13:50: Found Spy Cookie: affiliate cookie
13:50: justin@affiliate[1].txt (ID = 2199)
13:50: justin@affiliate[3].txt (ID = 2199)
13:50: Found Spy Cookie: anm.co.uk cookie
13:50: justin@anm.co[2].txt (ID = 2223)
13:50: Found Spy Cookie: gostats cookie
13:50: justin@as.gostats[2].txt (ID = 2748)
13:50: Found Spy Cookie: ask cookie
13:50: justin@ask[2].txt (ID = 2245)
13:50: Found Spy Cookie: atlas dmt cookie
13:50: justin@atdmt[2].txt (ID = 2253)
13:50: Found Spy Cookie: atwola cookie
13:50: justin@atwola[1].txt (ID = 2255)
13:50: Found Spy Cookie: azjmp cookie
13:50: justin@azjmp[2].txt (ID = 2270)
13:50: Found Spy Cookie: a cookie
13:50: justin@a[1].txt (ID = 2027)
13:50: Found Spy Cookie: paypopup cookie
13:50: justin@banner.paypopup[1].txt (ID = 3120)
13:50: justin@banners.searchingbooth[1].txt (ID = 3322)
13:50: Found Spy Cookie: bannerspace cookie
13:50: justin@bannerspace[2].txt (ID = 2284)
13:50: Found Spy Cookie: banners cookie
13:50: justin@banners[1].txt (ID = 2282)
13:50: justin@banners[2].txt (ID = 2282)
13:50: Found Spy Cookie: banner cookie
13:50: justin@banner[1].txt (ID = 2276)
13:50: justin@banner[3].txt (ID = 2276)
13:50: Found Spy Cookie: belnk cookie
13:50: justin@belnk[1].txt (ID = 2292)
13:50: Found Spy Cookie: bizrate cookie
13:50: justin@bizrate[1].txt (ID = 2308)
13:50: Found Spy Cookie: touchclarity cookie
13:50: justin@bmw.touchclarity[1].txt (ID = 3566)
13:50: justin@btow.touchclarity[1].txt (ID = 3566)
13:50: Found Spy Cookie: burstnet cookie
13:50: justin@burstnet[1].txt (ID = 2336)
13:50: Found Spy Cookie: enhance cookie
13:50: justin@c.enhance[1].txt (ID = 2614)
13:50: justin@c3.gostats[2].txt (ID = 2748)
13:50: Found Spy Cookie: cassava cookie
13:50: justin@cassava[1].txt (ID = 2362)
13:50: Found Spy Cookie: controlsearch cookie
13:50: justin@controlsearch[1].txt (ID = 2463)
13:50: Found Spy Cookie: tickle cookie
13:50: justin@cookie.tickle[1].txt (ID = 3530)
13:50: Found Spy Cookie: customer cookie
13:50: justin@customer[1].txt (ID = 2481)
13:50: justin@customer[2].txt (ID = 2481)
13:50: justin@customer[3].txt (ID = 2481)
13:50: justin@customer[4].txt (ID = 2481)
13:50: justin@customer[5].txt (ID = 2481)
13:50: Found Spy Cookie: webtrendslive cookie
13:50: justin@dcsklxjd7oifwzramfu7ehxd9_2j2f[1].txt (ID = 3676)
13:50: Found Spy Cookie: dcskqeg2voifwznnd6alhtnei_8f3u cookie
13:50: justin@dcskqeg2voifwznnd6alhtnei_8f3u[1].txt (ID = 2501)
13:51: Found Spy Cookie: dealhelper cookie
13:51: justin@dealhelper[1].txt (ID = 2503)
13:51: Found Spy Cookie: dealtime cookie
13:51: justin@dealtime[1].txt (ID = 2505)
13:51: Found Spy Cookie: webtrends cookie
13:51: justin@demo.webtrends[2].txt (ID = 3669)
13:51: Found Spy Cookie: did-it cookie
13:51: justin@did-it[2].txt (ID = 2523)
13:51: justin@disney.store.go[1].txt (ID = 2729)
13:51: justin@dist.belnk[2].txt (ID = 2293)
13:51: Found Spy Cookie: exitexchange cookie
13:51: justin@exitexchange[1].txt (ID = 2633)
13:51: justin@experts.about[1].txt (ID = 2038)
13:51: Found Spy Cookie: fe.lea.lycos.com cookie
13:51: justin@fe.lea.lycos[1].txt (ID = 2660)
13:51: justin@ford.touchclarity[1].txt (ID = 3566)
13:51: Found Spy Cookie: gamespy cookie
13:51: justin@gamespy[1].txt (ID = 2719)
13:51: Found Spy Cookie: go2net.com cookie
13:51: justin@go2net[1].txt (ID = 2730)
13:51: Found Spy Cookie: goldenpalace cookie
13:51: justin@goldenpalace[2].txt (ID = 2734)
13:51: justin@gostats[2].txt (ID = 2747)
13:51: Found Spy Cookie: gotoast cookie
13:51: justin@gotoast[1].txt (ID = 2751)
13:51: justin@go[2].txt (ID = 2728)
13:51: justin@go[3].txt (ID = 2728)
13:51: justin@graphicssoft.about[1].txt (ID = 2038)
13:51: Found Spy Cookie: starware.com cookie
13:51: justin@h.starware[2].txt (ID = 3442)
13:51: Found Spy Cookie: clickandtrack cookie
13:51: justin@hits.clickandtrack[1].txt (ID = 2397)
13:51: Found Spy Cookie: homestore cookie
13:51: justin@homestore[1].txt (ID = 2793)
13:51: Found Spy Cookie: hpm001 cookie
13:51: justin@hpm001[1].txt (ID = 2807)
13:51: Found Spy Cookie: hypertracker.com cookie
13:51: justin@hypertracker[2].txt (ID = 2817)
13:51: Found Spy Cookie: screensavers.com cookie
13:51: justin@i.screensavers[1].txt (ID = 3298)
13:51: justin@javascript.about[1].txt (ID = 2038)
13:51: Found Spy Cookie: kmpads cookie
13:51: justin@kmpads[2].txt (ID = 2909)
13:51: Found Spy Cookie: techtarget cookie
13:51: justin@knowledgestorm.techtarget[1].txt (ID = 3500)
13:51: Found Spy Cookie: kount cookie
13:51: justin@kount[1].txt (ID = 2911)
13:51: Found Spy Cookie: linkexchange cookie
13:51: justin@linkexchange[1].txt (ID = 2920)
13:51: Found Spy Cookie: top-banners cookie
13:51: justin@media.top-banners[1].txt (ID = 3548)
13:51: Found Spy Cookie: ugo cookie
13:51: justin@mediamgr.ugo[2].txt (ID = 3609)
13:51: Found Spy Cookie: qsrch cookie
13:51: justin@moniker.qsrch[2].txt (ID = 3216)
13:51: justin@msn.touchclarity[2].txt (ID = 3566)
13:51: Found Spy Cookie: nextag cookie
13:51: justin@nextag[2].txt (ID = 5014)
13:51: justin@ondemand.webtrends[2].txt (ID = 3669)
13:51: justin@partygaming.122.2o7[1].txt (ID = 1958)
13:51: Found Spy Cookie: partypoker cookie
13:51: justin@partypoker[1].txt (ID = 3111)
13:51: justin@paypopup[1].txt (ID = 3119)
13:51: Found Spy Cookie: mircx cookie
13:51: justin@pop.mircx[2].txt (ID = 2998)
13:51: Found Spy Cookie: pricegrabber cookie
13:51: justin@pricegrabber[1].txt (ID = 3185)
13:51: justin@product.webtrends[1].txt (ID = 3669)
13:51: Found Spy Cookie: rc cookie
13:51: justin@rc[1].txt (ID = 3231)
13:51: Found Spy Cookie: rightmedia cookie
13:51: justin@rightmedia[2].txt (ID = 3259)
13:51: Found Spy Cookie: rn11 cookie
13:51: justin@rn11[2].txt (ID = 3261)
13:51: Found Spy Cookie: co cookie
13:51: justin@rs0.co[1].txt (ID = 2430)
13:51: Found Spy Cookie: s152531 cookie
13:51: justin@S152531[2].txt (ID = 3273)
13:51: justin@search.about[1].txt (ID = 2038)
13:51: Found Spy Cookie: domain sponsor cookie
13:51: justin@search.domainsponsor[1].txt (ID = 2534)
13:51: justin@searchcio.techtarget[1].txt (ID = 3500)
13:51: justin@searchingbooth[2].txt (ID = 3321)
13:51: justin@searchportal.domainsponsor[1].txt (ID = 2534)
13:51: Found Spy Cookie: overture cookie
13:51: justin@secure.overture[1].txt (ID = 3106)
13:51: Found Spy Cookie: web-stat cookie
13:51: justin@server3.web-stat[2].txt (ID = 3649)
13:51: Found Spy Cookie: servlet cookie
13:51: justin@servlet[2].txt (ID = 3345)
13:51: justin@sitematch.overture[1].txt (ID = 3106)
13:51: justin@smac.sitematch.overture[1].txt (ID = 3106)
13:51: justin@stat.dealtime[2].txt (ID = 2506)
13:51: Found Spy Cookie: clicktracks cookie
13:51: justin@stats.clicktracks[2].txt (ID = 2407)
13:51: Found Spy Cookie: stats.klsoft.com cookie
13:51: justin@stats.klsoft[1].txt (ID = 3451)
13:51: Found Spy Cookie: reliablestats cookie
13:51: justin@stats1.reliablestats[1].txt (ID = 3254)
13:51: Found Spy Cookie: tacoda cookie
13:51: justin@tacoda[1].txt (ID = 6444)
13:51: justin@techtarget[1].txt (ID = 3499)
13:51: justin@theaa.touchclarity[1].txt (ID = 3566)
13:51: Found Spy Cookie: tracking cookie
13:51: justin@tracking[1].txt (ID = 3571)
13:51: justin@webtracking.touchclarity[1].txt (ID = 3566)
13:51: Found Spy Cookie: trb.com cookie
13:51: justin@wgntv.trb[1].txt (ID = 3588)
13:51: Found Spy Cookie: wizzle cookie
13:51: justin@wizzle[1].txt (ID = 3695)
13:51: justin@www.888[2].txt (ID = 2020)
13:51: justin@www.burstbeacon[1].txt (ID = 2335)
13:51: justin@www.clicktracks[2].txt (ID = 2407)
13:51: Found Spy Cookie: clickxchange adware cookie
13:51: justin@www.clickxchange[1].txt (ID = 2409)
13:51: Found Spy Cookie: clickz cookie
13:51: justin@www.clickz[1].txt (ID = 2411)
13:51: Found Spy Cookie: directtrack cookie
13:51: justin@www.directtrack[1].txt (ID = 2528)
13:51: justin@www.epilot[2].txt (ID = 2622)
13:51: Found Spy Cookie: findwhat cookie
13:51: justin@www.findwhat[1].txt (ID = 2675)
13:51: Found Spy Cookie: dbbsrv cookie
13:51: justin@www.fun.com.18345.fb.dbbsrv[2].txt (ID = 2500)
13:51: justin@www.go[1].txt (ID = 2729)
13:51: justin@www.hypertracker[2].txt (ID = 2818)
13:51: Found Spy Cookie: jumptothat cookie
13:51: justin@www.jumptothat[1].txt (ID = 2894)
13:51: justin@www.myaffiliateprogram[2].txt (ID = 3032)
13:51: Found Spy Cookie: mytemplatestorage cookie
13:51: justin@www.mytemplatestorage[1].txt (ID = 3050)
13:51: Found Spy Cookie: popuptraffic cookie
13:51: justin@www.popuptraffic[2].txt (ID = 3164)
13:51: Found Spy Cookie: portland.co cookie
13:51: justin@www.portland.co[2].txt (ID = 3180)
13:51: justin@www.screensavers[2].txt (ID = 3298)
13:51: justin@www.searchingbooth[2].txt (ID = 3322)
13:51: Found Spy Cookie: seek-zone cookie
13:51: justin@www.seek-zone[1].txt (ID = 3330)
13:51: justin@www.starware[1].txt (ID = 3442)
13:51: justin@www.ugo[1].txt (ID = 3609)
13:51: justin@www.web-stat[1].txt (ID = 3649)
13:51: Found Spy Cookie: wesearchall cookie
13:51: justin@www.wesearchall[2].txt (ID = 3684)
13:51: Found Spy Cookie: xiti cookie
13:51: justin@xiti[1].txt (ID = 3717)
13:51: Found Spy Cookie: yadro cookie
13:51: justin@yadro[2].txt (ID = 3743)
13:51: Cookie Sweep Complete, Elapsed Time: 00:03:14
13:52: Starting File Sweep
13:52: Found Adware: orbit explorer
13:52: c:\program files\common files\oe (1 subtraces) (ID = -2147480516)
13:52: Found Adware: dealhelper
13:52: c:\documents and settings\all users\start menu\programs\d-helper web driver (1 subtraces) (ID = -2147481151)
13:52: c:\program files\surfsidekick 3 (3 subtraces) (ID = -2147480186)
13:52: c:\program files\common files\vcclient (9 subtraces) (ID = -2147461290)
13:52: c:\program files\thesearchaccelerator (7 subtraces) (ID = -2147481059)
13:52: c:\documents and settings\justin\start menu\programs\ucmore - the search accelerator (3 subtraces) (ID = -2147481062)
13:52: c:\program files\network monitor (1 subtraces) (ID = -2147459771)
13:53: Found Adware: deskwizz
13:53: a0121444.exe (ID = 240959)
13:53: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp403\a0121414.dll". Access is denied
13:54: a0122465.exe (ID = 240959)
13:54: Found Adware: look2me
13:54: a0121349.dll (ID = 159)
13:54: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp403\a0121396.dll". Access is denied
13:54: Found Adware: dollarrevenue
13:54: dc2571.exe (ID = 216545)
13:54: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0121441.dll". Access is denied
13:54: a0121386.exe (ID = 240959)
13:55: a0122487.dll (ID = 59843)
13:55: Found Trojan Horse: lzio
13:55: wintask.vir (ID = 81002)
13:55: a0122501.exe (ID = 216718)
13:55: vcclient.exe (ID = 212828)
13:55: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Run || CU1 (ID = 0)
13:56: iucmore.dll (ID = 59843)
13:56: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp403\a0121376.ocx". Access is denied
13:56: Found Adware: purityscan
13:56: a0123185.exe (ID = 73191)
13:56: a0122512.exe (ID = 133210)
13:56: repairs302972994.dll (ID = 242406)
13:56: installer.exe (ID = 73121)
13:56: ss1001.exe (ID = 216718)
13:56: vcupdate.exe.config (ID = 212361)
13:56: installer.exe (ID = 168558)
13:57: a0121418.exe (ID = 240959)
13:57: a0119485.exe (ID = 212830)
13:57: a0121399.exe (ID = 240959)
13:57: dc2570.exe (ID = 216545)
13:57: mt-uninstaller.exe (ID = 73191)
13:58: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122494.exe". Access is denied
13:58: vcmain.exe (ID = 212830)
13:58: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Run || CU2 (ID = 0)
13:58: a0123214.exe (ID = 242087)
13:58: vcupdate.exe (ID = 212831)
13:58: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122528.dll". Access is denied
13:58: mvr6l99s1.dll (ID = 159)
13:58: dh9013.exe (ID = 208497)
13:58: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0121458.dll". Access is denied
13:58: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122455.dll". Access is denied
14:00: a0122503.exe (ID = 59853)
14:00: sskbho.dll (ID = 242398)
14:00: Found Adware: targetsaver
14:00: a0122510.exe (ID = 193501)
14:00: a0123208.exe (ID = 242116)
14:00: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp402\a0120304.ocx". Access is denied
14:01: a0123212.exe (ID = 125346)
14:01: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp402\a0121355.ocx". Access is denied
14:01: a0123216.exe (ID = 242088)
14:01: sskknwrd.dll (ID = 77733)
14:02: a0123240.dll (ID = 159)
14:02: ucmoreiex.exe (ID = 59853)
14:03: a0121435.dll (ID = 159)
14:03: ssk.exe (ID = 242428)
14:03: HKLM\Software\Microsoft\Windows\CurrentVersion\Run || SurfSideKick 3 (ID = 0)
14:03: HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Run || SurfSideKick 3 (ID = 0)
14:05: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122496.exe". Access is denied
14:05: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp401\a0119713.ocx". Access is denied
14:05: a0122504.exe (ID = 133208)
14:05: a0121390.dll (ID = 159)
14:06: backup-20060209-103502-897.dll (ID = 208226)
14:06: a0123184.dll (ID = 133227)
14:06: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122499.exe". Access is denied
14:07: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp402\a0120327.ocx". Access is denied
14:07: a0119486.exe (ID = 212831)
14:08: a0123210.ocx (ID = 74058)
14:08: a0122493.dll (ID = 163672)
14:09: a0122509.dll (ID = 163672)
14:09: bk.exe (ID = 242377)
14:10: tsupdate2[1].ini (ID = 193498)
14:13: ucmtsaie.dll (ID = 106574)
14:13: a0123215.exe (ID = 239527)
14:14: a0121408.dll (ID = 159)
14:14: a0122522.dll (ID = 144945)
14:14: a0119484.config (ID = 212361)
14:15: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122477.exe". Access is denied
14:15: a0120298.dll (ID = 215893)
14:15: a0121452.dll (ID = 159)
14:15: a0121329.dll (ID = 159)
14:16: a0120294.exe (ID = 216230)
14:16: a0122520.dll (ID = 159)
14:16: a0123203.exe (ID = 242116)
14:16: a0120291.dll (ID = 240920)
14:17: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122500.exe". Access is denied
14:17: uninstall_nmon.vbs (ID = 231442)
14:18: a0122521.exe (ID = 144946)
14:19: a0123213.exe (ID = 239528)
14:19: a0122519.dll (ID = 159)
14:20: a0123224.dll (ID = 159)
14:20: r08slal71dq.dll (ID = 159)
14:20: a0120293.exe (ID = 216712)
14:21: wgnbrand.dll (ID = 159)
14:21: a0123207.exe (ID = 242087)
14:24: a0123188.dll (ID = 159)
14:24: a0122490.dll (ID = 106574)
14:25: a0122511.dll (ID = 70014)
14:26: temp.fr7ab1 (ID = 159)
14:26: rgsmxs.dll (ID = 159)
14:26: temp.frea2a (ID = 159)
14:27: a0123220.dll (ID = 159)
14:28: a0123222.exe (ID = 81002)
14:28: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122478.exe". Access is denied
14:29: winsysupd6.exe (ID = 243652)
14:29: a0122514.exe (ID = 212828)
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp403\a0121378.dll". Access is denied
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122479.exe". Access is denied
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122506.dll". Access is denied
14:29: netmon.exe (ID = 231443)
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122480.exe". Access is denied
14:29: command.exe (ID = 144946)
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122498.exe". Access is denied
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122481.exe". Access is denied
14:29: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122482.exe". Access is denied
14:29: wallpap.exe (ID = 240959)
14:29: a0121405.dll (ID = 208226)
14:30: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122513.dll". Access is denied
14:30: asappsrv.dll (ID = 144945)
14:30: a0121368.dll (ID = 159)
14:30: winsysban6.exe (ID = 243651)
14:31: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122483.exe". Access is denied
14:31: a0122497.dll (ID = 195129)
14:31: Found Adware: apropos
14:31: a0122508.dll (ID = 166754)
14:31: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122502.exe". Access is denied
14:31: a0123236.dll (ID = 159)
14:32: Warning: Failed to open file "c:\system volume information\_restore{c7314aa2-e842-4091-b22f-b766d3876805}\rp404\a0122505.exe". Access is denied
14:32: cobview.dll (ID = 159)
14:32: atmtd.dll (ID = 166754)
14:32: a0122495.exe (ID = 168558)
14:32: vocabulary (ID = 78283)
14:32: class-barrel (ID = 78229)
14:33: iejp81k.dll (ID = 159)
14:33: srgina.dll (ID = 159)
14:33: atmtd.dll._ (ID = 166754)
14:33: a0122451.dll (ID = 159)
14:33: a0121451.dll (ID = 159)
14:34: q4ps0e77eh.dll (ID = 159)
14:35: sskcore.dll (ID = 242399)
14:38: redirector.dll (ID = 71705)
14:38: a0123228.dll (ID = 163672)
14:38: wantrust.dll (ID = 159)
14:38: a0120292.dll (ID = 216713)
14:39: newfrn[1].ini (ID = 239476)
14:39: a0119712.ini (ID = 238253)
14:39: setup[1].ini (ID = 238253)
14:39: a0121385.ini (ID = 238253)
14:39: clientupdater.bat (ID = 212353)
14:39: vcclient.exe.config (ID = 212358)
14:39: myupdates.dat (ID = 198788)
14:39: ucmore tour.lnk (ID = 59855)
14:39: how to uninstall.lnk (ID = 59838)
14:39: backup-20060209-103502-897.inf (ID = 208224)
14:39: a0119236.ini (ID = 238253)
14:39: a0122492.bat (ID = 212353)
14:39: a0122515.config (ID = 212358)
14:39: ubpwx35rk3tdtqu4.vbs (ID = 185675)
14:39: a0122486.lnk (ID = 59855)
14:39: a0122484.lnk (ID = 59838)
14:41: Warning: Unhandled Archive Type
14:44: Warning: Cannot create file "C:\WINDOWS\Temp\1433SST4B.0\include\pclzip\". The system cannot find the path specified
14:47: Warning: Unhandled Archive Type
14:54: Warning: Unhandled Archive Type
14:56: File Sweep Complete, Elapsed Time: 01:04:14
14:56: Full Sweep has completed. Elapsed time 01:17:00
14:56: Traces Found: 595
15:07: Removal process initiated
15:07: Quarantining All Traces: look2me
15:08: look2me is in use. It will be removed on reboot.
15:08: mvr6l99s1.dll is in use. It will be removed on reboot.
15:08: rgsmxs.dll is in use. It will be removed on reboot.
15:08: q4ps0e77eh.dll is in use. It will be removed on reboot.
15:08: Quarantining All Traces: lzio
15:08: Quarantining All Traces: purityscan
15:08: Quarantining All Traces: apropos
15:08: Quarantining All Traces: dollarrevenue
15:08: Quarantining All Traces: enbrowser
15:08: Quarantining All Traces: internetoptimizer
15:08: Quarantining All Traces: orbit explorer
15:08: Quarantining All Traces: surfsidekick
15:10: Warning: QF[866]: CmprsF(): The operation completed successfully
15:10: surfsidekick is in use. It will be removed on reboot.
15:10: Ssk.exe is in use. It will be removed on reboot.
15:10: SskBho.dll is in use. It will be removed on reboot.
15:10: Ssk.exe is in use. It will be removed on reboot.
15:10: c:\program files\surfsidekick 3 is in use. It will be removed on reboot.
15:10: repairs302972994.dll is in use. It will be removed on reboot.
15:10: vcmain.exe is in use. It will be removed on reboot.
15:10: sskbho.dll is in use. It will be removed on reboot.
15:10: ssk.exe is in use. It will be removed on reboot.
15:10: sskcore.dll is in use. It will be removed on reboot.
15:10: C:\WINDOWS\system32\repairs302972994.dll is in use. It will be removed on reboot.
15:10: C:\Program Files\SurfSideKick 3\SskBho.dll is in use. It will be removed on reboot.
15:10: C:\Program Files\SurfSideKick 3\SskCore.dll is in use. It will be removed on reboot.
15:10: C:\Program Files\Common Files\VCClient\VCMain.exe is in use. It will be removed on reboot.
15:10: C:\Program Files\Common Files\VCClient\VCClient.exe is in use. It will be removed on reboot.
15:10: Quarantining All Traces: trojan-downloader-dh
15:10: Quarantining All Traces: zquest
15:10: Quarantining All Traces: command
15:10: command is in use. It will be removed on reboot.
15:10: netmon.exe is in use. It will be removed on reboot.
15:10: command.exe is in use. It will be removed on reboot.
15:10: asappsrv.dll is in use. It will be removed on reboot.
15:10: C:\WINDOWS\anVzdGluIGZpZWxk\asappsrv.dll is in use. It will be removed on reboot.
15:10: C:\WINDOWS\anVzdGluIGZpZWxk\command.exe is in use. It will be removed on reboot.
15:10: C:\Program Files\Network Monitor\netmon.exe is in use. It will be removed on reboot.
15:10: Quarantining All Traces: dealhelper
15:10: Quarantining All Traces: deskwizz
15:10: Quarantining All Traces: effective-i toolbar
15:11: effective-i toolbar is in use. It will be removed on reboot.
15:11: ucmtsaie.dll is in use. It will be removed on reboot.
15:11: Quarantining All Traces: elitemediagroup-mediamotor
15:11: Quarantining All Traces: findthewebsiteyouneed hijacker
15:11: Quarantining All Traces: findthewebsiteyouneed hijack
15:11: Quarantining All Traces: mirar webband
15:11: Quarantining All Traces: moneytree
15:11: Quarantining All Traces: targetsaver
15:11: Quarantining All Traces: 2o7.net cookie
15:11: Quarantining All Traces: 50881381 cookie
15:11: Quarantining All Traces: 64.62.232 cookie
15:11: Quarantining All Traces: 66.70.21 cookie
15:11: Quarantining All Traces: 888 cookie
15:11: Quarantining All Traces: a cookie
15:11: Quarantining All Traces: aa cookie
15:11: Quarantining All Traces: about cookie
15:11: Quarantining All Traces: ads.businessweek cookie
15:11: Quarantining All Traces: aff6007 cookie
15:11: Quarantining All Traces: affiliate cookie
15:11: Quarantining All Traces: anm.co.uk cookie
15:11: Quarantining All Traces: ask cookie
15:11: Quarantining All Traces: atlas dmt cookie
15:11: Quarantining All Traces: atwola cookie
15:11: Quarantining All Traces: azjmp cookie
15:11: Quarantining All Traces: banner cookie
15:11: Quarantining All Traces: banners cookie
15:11: Quarantining All Traces: bannerspace cookie
15:11: Quarantining All Traces: belnk cookie
15:11: Quarantining All Traces: bizrate cookie
15:11: Quarantining All Traces: bpath cookie
15:11: Quarantining All Traces: burstbeacon cookie
15:11: Quarantining All Traces: burstnet cookie
15:11: Quarantining All Traces: cassava cookie
15:11: Quarantining All Traces: clickandtrack cookie
15:11: Quarantining All Traces: clicktracks cookie
15:11: Quarantining All Traces: clickxchange adware cookie
15:11: Quarantining All Traces: clickz cookie
15:11: Quarantining All Traces: co cookie
15:11: Quarantining All Traces: controlsearch cookie
15:11: Quarantining All Traces: customer cookie
15:11: Quarantining All Traces: dbbsrv cookie
15:11: Quarantining All Traces: dcskqeg2voifwznnd6alhtnei_8f3u cookie
15:11: Quarantining All Traces: dealhelper cookie
15:11: Quarantining All Traces: dealtime cookie
15:11: Quarantining All Traces: did-it cookie
15:11: Quarantining All Traces: directtrack cookie
15:11: Quarantining All Traces: domain sponsor cookie
15:11: Quarantining All Traces: enhance cookie
15:11: Quarantining All Traces: epilot cookie
15:11: Quarantining All Traces: exitexchange cookie
15:11: Quarantining All Traces: fe.lea.lycos.com cookie
15:11: Quarantining All Traces: findwhat cookie
15:11: Quarantining All Traces: gamespy cookie
15:11: Quarantining All Traces: go.com cookie
15:11: Quarantining All Traces: go2net.com cookie
15:11: Quarantining All Traces: goldenpalace cookie
15:11: Quarantining All Traces: gostats cookie
15:11: Quarantining All Traces: gotoast cookie
15:11: Quarantining All Traces: hbmediapro cookie
15:11: Quarantining All Traces: homestore cookie
15:11: Quarantining All Traces: hotbar cookie
15:11: Quarantining All Traces: hpm001 cookie
15:11: Quarantining All Traces: hyperbanner cookie
15:11: Quarantining All Traces: hypertracker.com cookie
15:11: Quarantining All Traces: jumptothat cookie
15:11: Quarantining All Traces: kmpads cookie
15:11: Quarantining All Traces: kount cookie
15:11: Quarantining All Traces: linkexchange cookie
15:11: Quarantining All Traces: mircx cookie
15:11: Quarantining All Traces: myaffiliateprogram.com cookie
15:11: Quarantining All Traces: mytemplatestorage cookie
15:11: Quarantining All Traces: nextag cookie
15:11: Quarantining All Traces: overture cookie
15:11: Quarantining All Traces: partypoker cookie
15:11: Quarantining All Traces: paypopup cookie
15:11: Quarantining All Traces: popuptraffic cookie
15:11: Quarantining All Traces: portland.co cookie
15:11: Quarantining All Traces: pricegrabber cookie
15:11: Quarantining All Traces: qsrch cookie
15:11: Quarantining All Traces: rc cookie
15:11: Quarantining All Traces: reliablestats cookie
15:11: Quarantining All Traces: revenue.net cookie
15:11: Quarantining All Traces: rightmedia cookie
15:11: Quarantining All Traces: rn11 cookie
15:11: Quarantining All Traces: s152531 cookie
15:11: Quarantining All Traces: screensavers.com cookie
15:11: Quarantining All Traces: searchingbooth cookie
15:11: Quarantining All Traces: seek-zone cookie
15:11: Quarantining All Traces: servlet cookie
15:11: Quarantining All Traces: specificclick.com cookie
15:11: Quarantining All Traces: starware.com cookie
15:11: Quarantining All Traces: stats.klsoft.com cookie
15:11: Quarantining All Traces: tacoda cookie
15:11: Quarantining All Traces: techtarget cookie
15:11: Quarantining All Traces: tickle cookie
15:11: Quarantining All Traces: top-banners cookie
15:11: Quarantining All Traces: touchclarity cookie
15:11: Quarantining All Traces: tracking cookie
15:11: Quarantining All Traces: trb.com cookie
15:11: Quarantining All Traces: ugo cookie
15:11: Quarantining All Traces: websponsors cookie
15:11: Quarantining All Traces: web-stat cookie
15:11: Quarantining All Traces: webtrends cookie
15:11: Quarantining All Traces: webtrendslive cookie
15:11: Quarantining All Traces: wesearchall cookie
15:11: Quarantining All Traces: winantispyware 2005
15:11: Quarantining All Traces: wizzle cookie
15:11: Quarantining All Traces: xiti cookie
15:11: Quarantining All Traces: yadro cookie
15:11: Quarantining All Traces: yieldmanager cookie
15:12: Preparing to restart your computer. Please wait...
15:12: Removal process completed. Elapsed time 00:04:42
********
13:34: | Start of Session, 13 February 2006 |
13:34: Spy Sweeper started
13:37: Your spyware definitions have been updated.
13:39: | End of Session, 13 February 2006 |
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby amateur » February 13th, 2006, 1:15 pm

Please post:
a new HijackThis log,
Spysweeper log,
Ewido report
Panda online Scan result

You may have to post them separately if they are too long.


So far, I only got the SpySweeper log. I am waiting for the rest. ;)
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 15th, 2006, 7:21 am

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:24:03, 15/02/2006
+ Report-Checksum: 5CE44581

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000010} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000010} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\H323TSP -> Adware.Look2Me : Cleaned with backup
HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-0000-0000-0000-000000000010} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-1344734455-1439202154-709122288-1266\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5AF2622-8C75-4DFB-9693-23AB7686A456} -> Adware.Generic : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.X10 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\default.r8l\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.308:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.309:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.310:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.341:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.360:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.363:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.365:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.371:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.478:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.492:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.495:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.496:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.497:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.505:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.507:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.618:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.619:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.620:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.621:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.622:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.626:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.627:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.630:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.631:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.648:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.649:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.650:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.651:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.652:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.662:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.688:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.689:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.708:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.709:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.714:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.715:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.739:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.779:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.793:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.794:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.834:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.871:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.884:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Cj : Cleaned with backup
:mozilla.885:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Cj : Cleaned with backup
:mozilla.889:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.890:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.891:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Cj : Cleaned with backup
:mozilla.892:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.922:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.937:C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@download.com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@ilead.itrack[2].txt -> TrackingCookie.Itrack : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Justin\Cookies\justin@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned with
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby amateur » February 15th, 2006, 8:58 am

H Breeze,

Thanks for the logs you provided. However, I didn't receive all the logs I requested, and certainly not in a timely manner. I have received only two of the four logs I requested, with a couple of days apart. I still don't know if you installed an antivirus software. Without it, you will get infected within seconds you are on the internet. I am sorry but I cannot help you if you do not follow the instructions and provide the feedback I need. Please let me know what your intention is.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 15th, 2006, 9:13 am

So sorry about the delay, I am running the Panda Scan just now, it is half way through.

I appreciate the time scale etc, and I apologies if I have not been able to do it all at one time.

I am nearly there.

Best Regards

Breeze.
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby breeze » February 15th, 2006, 9:15 am

Active Scan:


Incident Status Location

Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\Justin\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/maxifiles Not disinfected C:\mc-110-12-0000228.exe
Adware:adware/dollarrevenue Not disinfected C:\WINDOWS\drsmartload2.dat
Adware:adware/alexa-toolbar Not disinfected C:\PROGRAM FILES\Alexa Toolbar
Potentially unwanted tool:application/funweb Not disinfected C:\PROGRAM FILES\FunWebProducts
Potentially unwanted tool:application/mywebsearch Not disinfected C:\PROGRAM FILES\MyWebSearch
Adware:adware/searchaid Not disinfected C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\NetMon
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Adware:adware/dyfuca Not disinfected Windows Registry
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Justin\Cookies\justin@image.checkmystats.com[2].txt
Spyware:Cookie/Media-motor Not disinfected C:\Documents and Settings\Justin\Cookies\justin@mmm.media-motor[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Justin\Cookies\justin@searchportal.information[2].txt
Spyware:Cookie/TargetSaver Not disinfected C:\Documents and Settings\Justin\Cookies\justin@targetsaver[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Justin\Cookies\justin@target[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Justin\Cookies\justin@winfixer[2].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Justin\Cookies\justin@www47.buydomains[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Justin\Cookies\justin@xmts[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.rn11.com/]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.adopt.hbmediapro.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.zedo.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.doubleclick.net/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[www.myaffiliateprogram.com/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.www.myaffiliateprogram.com/]
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[www.myaffiliateprogram.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.hitbox.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.atdmt.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.bravenet.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.advertising.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.bravenet.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.advertising.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.bravenet.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.advertising.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.overture.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.perf.overture.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.overture.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.valueclick.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.statcounter.com/]
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.adviva.net/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.bfast.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.belnk.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.as-us.falkag.net/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.fastclick.net/]
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.z1.adserver.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.winfixer.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.adtech.de/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Enhance Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[c.enhance.com/]
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.888.com/]
Spyware:Cookie/Findwhat Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.findwhat.com/]
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[c.goclick.com/]
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[counter.hitslink.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[as1.falkag.de/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.realmedia.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.questionmarket.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.2o7.net/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.toplist.cz/]
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.ask.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[server.iad.liveperson.net/hc/32997519]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.xiti.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.xmts.net/]
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.clickbank.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.com.com/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[www.tradedoubler.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.112.2o7.net/]
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.gostats.com/]
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[c3.gostats.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.247realmedia.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[searchportal.information.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.apmebf.com/]
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.azjmp.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[.revenue.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[32997519]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Justin\Application Data\Mozilla\Firefox\Profiles\mtjvegth.justin\cookies.txt[]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\JumpforFun.sbd\Justin - jumpforfun[email-info.txt .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.htm .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[instructions.txt .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.htm .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[qwxs.txt .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[gnvni.htm .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[document.htm .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[dccm.txt .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[document.htm .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.doc .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.doc .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[info-text.txt .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.txt .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-doc.txt .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.doc .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.htm .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.doc .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.txt .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.doc .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[instructions.htm .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.htm .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[email-info.doc .scr]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[ywb.txt .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.htm .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[mpmzks.txt .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[information.htm .pif]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[instructions.txt .exe]
Virus:W32/Mytob.DR.worm Disinfected C:\Documents and Settings\Justin\Application Data\Thunderbird\Profiles\hahiuzcl.default\Mail\Local Folders\LaptechSolutions.sbd\sem - laptech[document.doc .exe]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Justin\Cookies\justin@image.checkmystats.com[2].txt
Spyware:Cookie/Media-motor Not disinfected C:\Documents and Settings\Justin\Cookies\justin@mmm.media-motor[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Justin\Cookies\justin@searchportal.information[2].txt
Spyware:Cookie/TargetSaver Not disinfected C:\Documents and Settings\Justin\Cookies\justin@targetsaver[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Justin\Cookies\justin@target[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Justin\Cookies\justin@winfixer[2].txt
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Justin\Cookies\justin@www47.buydomains[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Justin\Cookies\justin@xmts[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Justin\Desktop\l2mfix\Process.exe
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@adopt.hbmediapro[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@ask[1].txt
Spyware:Cookie/Date Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@date[1].txt
Spyware:Cookie/elmer Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@elmer[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@searchportal.information[1].txt
Spyware:Cookie/TargetSaver Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@targetsaver[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@winfixer[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Justin\Local Settings\Temp\Cookies\justin@xmts[1].txt
Adware:Adware/Maxifiles Not disinfected C:\mc-110-12-0000228.exe
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\data1.cab[MySetp.exe]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\sothink\data1.cab[MySetp.exe]
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\SourceTec\Sothink DHTMLMenu\MySearch\MySetp.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\RECYCLER\S-1-5-21-1344734455-1439202154-709122288-1266\Dc2568.exe
Adware:Adware/Deskwizz Not disinfected C:\WINDOWS\system32\ad.html
Virus:Trj/Qhost.gen Disinfected C:\WINDOWS\system32\drivers\etc\hosts.bak
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby breeze » February 15th, 2006, 9:19 am

Latest from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 13:21:48, on 15/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\iNet Protector\IProtectorService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$PROVIDUSSTD\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PGPserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\PRISMSVR.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\Marketing Tips Messenger.exe
C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe
C:\Program Files\iNet Protector\iprotect.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\WEBPOS~1\WPSched3.exe
C:\PROGRA~1\WEBPOS~1\WPSched3.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\Monitor.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\BT Voyager\BT Voyager Wireless\WLM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PGP Corporation\PGP for Windows XP\PGPtray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HIJACKTHIS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DSKEY] C:\WINDOWS\system32\DsKey.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Marketing Tips Messenger] C:\WINDOWS\Marketing Tips Messenger.exe
O4 - HKLM\..\Run: [AS00_WPN511] C:\Program Files\NETGEAR\WPN511\Utility\WPN511.exe -hide
O4 - HKLM\..\Run: [inetprot] "C:\Program Files\iNet Protector\iprotect.exe" tray
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [win.exe] C:\WINDOWS\system32\win.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WPSched3] "C:\PROGRA~1\WEBPOS~1\WPSched3.exe" MINIMIZE
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: 3Com Wireless 11g PC Card.lnk = C:\Program Files\3Com\3Com OfficeConnect Wireless Utility\3Com Wireless 11g PC Card\Monitor.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BT Voyager Wireless Utility.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PGPtray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: BT - {8D76BDB8-5A27-4E10-B492-ED32F0CF2B8A} - http://www.bt.com (file missing) (HKCU)
O9 - Extra button: Homepage - {DE23D815-3480-4D6B-BE0B-FD369AC8CF22} - http://bt.yahoo.com (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... ml350.html
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {5E0BD5F5-FF74-4436-BEBB-9B62298E2DD4} (Textinput Class) - http://www.aceflex.com/demos/aceflexb2c ... tmlctl.cab
O16 - DPF: {61F8894B-CA7F-4964-AB94-F5BC48EE79DD} (QSAPI Active WebMenu 2.0) - http://www.qsapi.com/Demos/AWM20/CAB/QS ... Menu20.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C762DC2-C685-4C5E-A179-16A42DF48735}: NameServer = 217.13.128.17,217.13.128.27
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF929751-7500-461A-A08E-4AA733344717}: NameServer = 192.168.0.2,217.13.128.17
O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\system32\wowctl2.dll
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\guard.tmp (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Internet Protector System Service (InternetProtectorService) - Unknown owner - C:\Program Files\iNet Protector\IProtectorService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL41 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\WINDOWS\Pointdev\VNC\WinVNC.exe" -service (file missing)
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby amateur » February 15th, 2006, 9:59 am

Thanks for the logs. :) I am going through them now. I'll get back to you as soon as I am finished.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 15th, 2006, 10:05 am

Thank you very much Amateur, and again, sorry for the prolonged delay.

Best Regards

Breeze.
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am

Unread postby amateur » February 15th, 2006, 11:27 am

Hi Breeze,

No problem. ;) Let's continue.

Please copy/paste these instruction on a notepad and save it to your desktop for easy acces. Then print them out as well. You'll need them when you are in Safe Mode later on. Please read carefully and follow the instructions in the order they are given.

Please go to Start>Control Panel>Add/Remove Programs and remove the following programs if found:

Media Access
Viewpoint
Veiwpoint Media


==============================================

Run ATF cleaner.

==============================================

Download VX2 Cleaner Plug-in

Start Ad-Aware SE
Go to "Plug-ins"
Select the VX2 Cleaner plug-in and click "Run Plugin"
If your computer isn't infected, click "close"
[bIf your computer is infected[/b]:
Select "Clean System"
Reboot your computer

Start Ad-Aware SE
" Click on Add-ons
" Select the VX2 Cleaner plug-in and click Run Tool
" If your computer isn't infected, click Close.
OR
" If you computer is infected with VX2, a dialog box with text such as New VX2 variant found or VX2 variant 1 found will appear.
" Press Clean and a dialog box with text The first phase completed. Please reboot and perform a Smart Scan will appear.
" Reboot your computer
" Run Ad-Aware and Click on the Scan Now Button
o Choose Perform Smart System Scan
o DESELECT Search for negligible risk entries, as negligible risk entries (MRU's) are not considered to be a threat. (make it show a red X)
Click Next to begin the scan. When the scan is completed, the Performing System Scan screen will change name to Scan Complete.

Click the Next Button to get to the Scanning Results Window where more information about the objects detected during the scan is available. Click the Critical Objects Tab. In general all of the items listed will be bad. To fix all the bad critical objects, right click on one of them, click the Select All entry in the pop-up menu to mark all entries. Click Next and then OK in the dialog box to confirm the removal.
Repeat this until the VX2 Cleaner reports System clean. Press Close to exit.

Run Ad-Aware one more time and perform a Perform Full System Scan of your computer to make sure VX2 has been found and removed.

======================================================

Restart your computer in Safe Mode following my earlier instructions.

======================================================

Scan with HijackThis and put a checkmark against the following entries:

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [DSKEY] C:\WINDOWS\system32\DsKey.exe

O4 - HKLM\..\Run: [win.exe] C:\WINDOWS\system32\win.exe
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... ml350.html

O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\guard.tmp (file missing)

O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)


Close all other browsers/windows/applications, except HijackThis, and click on "fix checked". Exit HijackThis but stay in Safe mode.

======================================================

Make sure that you can see hidden files
" Click Start
" Open My Computer
" Select the Tools menu and click Folder Options
" Select the View Tab
" Under the Hidden files and folders heading select Show hidden files and folders
" Uncheck the Hide protected operating system files (recommended) option
" Click Yes to confirm
" Click OK
======================================================

Press on Windows key and E key at the same time to bring up the Windows Explorer. Using Windows Explorer, expand, navigate, find and delete the following files and folders, if found:

C:\WINDOWS\system32\DsKey.exe
C:\WINDOWS\system32\win.exe

C:\Program Files\Media Access
C:\Program Files\View Point
C:\Program Files\View Point Media


======================================================

Still in Safe Mode, run ATF again.

======================================================

Still in Safe Mode run Ewido and save the report.

======================================================

Restart your computer in Normal Mode, and run Panda online scan.

======================================================

Rescan with HijackThis and save the report.

======================================================

Finally, post back, please:

Ewido report
Panda scan results
New HijackThis log
Last edited by amateur on February 15th, 2006, 11:44 am, edited 2 times in total.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby breeze » February 15th, 2006, 11:41 am

Cheers,

Am going through it now.

B.
breeze
Regular Member
 
Posts: 41
Joined: February 10th, 2006, 10:08 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 497 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware