Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Wierd Stuff

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Wierd Stuff

Unread postby jush » July 2nd, 2006, 6:50 am

Hi, Our PC keeps switching itself off, locking and even switched itself back on again from standby. Have tried running spybot, which freezes at 'Hippy Notify', Adaware, that freezes when was 'Scanning the browser cache', have also tried TrojanHunter which doesnt find anything wrong...
Any thoughts?
Cheers Rich & Jus

here is the HijackThis output:
Logfile of HijackThis v1.99.1
Scan saved at 11:10:39, on 02/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\WINDOWS\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.co.uk
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Jus\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: U.S.Robotics WLAN Adapter Configuration Utility.lnk = C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.c ... mplete.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am
Advertisement
Register to Remove

Unread postby taffhelen » July 3rd, 2006, 7:43 am

hi my name is taff and i would be glad to help you with your log,please be patient as these logs take a while to research,i will get back to you as soon as possible

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Unread postby taffhelen » July 4th, 2006, 6:06 pm

hi jush sorry for the delay as an undergraduate in training i have to have my reply verified by an expert hence the delay, can`t see much wrong in your log so lets try these

We need to make sure all hidden files are showing...
  • Open "My Computer".
  • Click on "Tools" and from the drop down menu select "Folder Options".
  • Select the "View" tab.
  • Under the "Hidden files and folders" heading SELECT "Show hidden files and folders".
  • UNCHECK the "Hide file extensions for known types option".
  • UNCHECK the "Hide protected operating system files (recommended) option".
  • Click "Yes" to confirm.
  • Click "OK".




Now, please print these instructions. Then close all programs (especially your internet browser!!)

Doubleclick on HijackThis.
Then click on the button that says run a system scan
Then place a check next to the following items and click "fix"

O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Jus\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll

this is an optional fix
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe [color=red] (resource hog ,can be started manually)



Use Explorer to navigate to and delete the following files and/or folders (if they are present):

C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll
C:\DOCUME~1\Jus\LOCALS~1\Temp\DELDIR0.EXE
now open your internet browser


Delete the older versions of Java and download the newest
Please follow these steps to remove older version Java components.
  1. Close any programmes you may have running, ESPECIALLY your web browser
  2. Click Start > Control Panel.
  3. Click Add/Remove Programs.
  4. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  5. Click the Remove or Change/Remove button.
  6. Repeat as many times as necessary to remove all versions of Java.
  7. Reboot your computer once all Java components are removed.
Then download the latest version of Java Runtime Environment, and install it to your computer.

download ewido antispyware

Ewido antispyware can be downloaded here.

After it's downloaded and installed, it should aumatically update itself; however, if it doesn't, you should do it manually. It should be set up like this...
Close ALL open Windows / Programs / Folders. Please start Ewido and run a full scan.
  • Click on Scanner
  • Click on the Settings tab.
    • Under How to act?
      Click on Recommended Action and choose Quarantine from the popup menu.
    • Under How to scan?
      All checkboxes should be ticked.
    • Under Possibly unwanted software:
      All checkboxes should be ticked.
    • Under Reports:
      Select Automatically generate report after every scan and uncheck Only if threats were found.
    • Under What to scan?
      Select Scan every file.
  • Click on the Scan tab.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan the machine.
  • When the scan has finished:
    • Make sure that Set all elements to: shows Quarantine (1), if not click on the link and choose Quarantine from the popup menu. (2)
    • At the bottom of the window click on the Apply all Actions button. (3)
      Image
  • When done, click the Save Scan Report button.
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the Ewido Tray Icon and select Exit. Confirm by clicking Yes.



run an online scan
Run an online virus scan called Kapersky from HERE.

1. Click on "Kapersky Online Scanner"
2. A new smaller window will pop up. Press on "Accept". After reading the contents.
3. Now Kapersky will update the anti-virus database. Let it run.
4. Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
5. Then click on "My Computer". And the scan will start.
6. Once finished, save a log as ".txt" to the desktop. And restart.


rerun hijack this

then post a new hijack log
kapersky log
and the ewido log in your next reply/reply to this post and do not start another post

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Unread postby jush » July 6th, 2006, 12:12 pm

Hi taff

The help is hugely appreciated (PC novice, me!) so no concerns here about needing to wait a little for a reply...

Couldn't find the two files/folders you mention just before the java instructions, but otherwise followed all the instructions in your message...however, hit the same problem with Ewido as with the other virus checkers I've used ie it stalled completely after a while and the PC froze - have to switch off at the mains to sort it out ie it won't even alt control delete out at that point. Since I've had the PC freezing problem every virus checker I've used has jammed half way through the scan, including trojan hunter (other half wrote the initial message and got it wrong when he said trojan hunter found nothing). Don't know if the details are relevant but here they are: scanned for 36 mins 33 secs, was scanning 'filesystem' when it froze, on the following: C\WINDOWS\AppPatch\acgenral.dll.

I've not done anything beyond that in your instructions since thought you might wish to know whats happened so far. Here is the hijack this log done after turning the PC off and on again:

Logfile of HijackThis v1.99.1
Scan saved at 16:51:19, on 06/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\WINDOWS\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.co.uk
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Jus\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: U.S.Robotics WLAN Adapter Configuration Utility.lnk = C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.c ... mplete.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

Had a quick nosey at the above log and have spotted one of those files i couldn't see (the temp\DELDIRO one) so can have another go at tracking it down and deleting it if need be...? Thanks again for your help.

Justine
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 6th, 2006, 3:05 pm

hi jush lets carry on from here

please download crapcleaner


Download CCleaner from here to clean temp files from your computer.
  • Double click on the file to start the installation of the program.
  • Select your language and click OK, then next.
  • Read the license agreement and click I Agree.
  • Click next to use the default install location. Click Install then finish to complete installation.
  • Double click the CCleaner shortcut on the desktop to start the program.
  • On the "Windows" tab, under "Internet Explorer," uncheck "Cookies" if you do not want them deleted. (If deleted, you will likely need to reenter your passwords at all sites where a cookie is used to recognize you when you visit).
  • If you use either the Firefox or Mozilla browsers, the box to uncheck for "Cookies" is on the Applications tab, under Firefox/Mozilla.
  • Click on the "Options" icon at the left side of the window, then click on "Advanced."
    deselect "Only delete files in Windows Temp folders older than 48 hours."
  • Click on the "Cleaner" icon on the left side of the window, then click Run Cleaner to run the program.
  • Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items.
  • After CCleaner has completed its process, click Exit.


next we need to go into safe mode to run ewido again


Please print the instructions below.
Then reboot your computer
As soon as it starts to boot, rapidly press the f8 key.
select safe mode from the menu
If you are still unsure, see here

now scan with ewido as you did before

next we have to get an uninstall list from hijack this to see whats running on your computer


Make a uninstall list using HijackThis
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

Image
5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.


in your next reply

post the ewido log
post the hijack uninstall list

cheers taff
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Re: Wierd stuff

Unread postby jush » July 7th, 2006, 2:08 pm

Hiya Taff

Followed instructions (tho didn't get rid of all the cookies)and all seemed to go smoothly this time. Here is the ewido log followed by the hijackthis list:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 09:11:51 07/07/2006

+ Scan result:



C:\Program Files\HijackThis\backups\backup-20060706-111147-726.dll -> Adware.SideStep : No action taken.
C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll -> Adware.SideStep : No action taken.
:mozilla.141:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.145:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.568:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.11:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.12:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.13:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.14:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.16:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.176:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.17:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.18:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.19:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.20:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.21:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.22:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.23:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.24:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.25:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.26:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.27:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.28:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.29:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.30:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.31:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.32:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.33:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.34:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.35:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.37:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.39:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.40:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.41:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.426:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.93:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@122.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@chicagosuntimes.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.177:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.178:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.179:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.180:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.573:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.574:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.71:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.72:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.146:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.147:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.148:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.63:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.64:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.65:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.66:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.67:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.73:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adviva : No action taken.
:mozilla.91:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adviva : No action taken.
:mozilla.59:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.60:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.237:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Bfast : No action taken.
:mozilla.498:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Bfast : No action taken.
:mozilla.220:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.250:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@www.burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.269:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Centrport : No action taken.
:mozilla.270:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Centrport : No action taken.
:mozilla.654:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Centrport : No action taken.
:mozilla.282:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@clickbank[2].txt -> TrackingCookie.Clickbank : No action taken.
:mozilla.458:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.459:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.371:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Commission-junction : No action taken.
:mozilla.372:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Commission-junction : No action taken.
:mozilla.108:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.132:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.151:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.414:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.43:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.261:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.281:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.293:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.306:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.358:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.467:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.470:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.473:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.474:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.475:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.476:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.484:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.485:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.490:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.495:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wflosoc5abq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wgkygodpeao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wgmygidpieo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wjloqkdzckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@e-2dj6wfliakdjsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@e-2dj6wgkyapajilp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
:mozilla.119:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.216:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.138:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.292:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@as-us.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.507:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.165:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.111:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.160:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.161:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.316:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.344:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.400:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.401:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.402:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.481:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.54:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.58:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.228:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.229:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.230:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.231:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.287:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.288:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.292:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.293:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@hypertracker[1].txt -> TrackingCookie.Hypertracker : No action taken.
:mozilla.455:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.456:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.288:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.52:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
:mozilla.204:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.205:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Onestat : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@stat.onestat[1].txt -> TrackingCookie.Onestat : No action taken.
:mozilla.85:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.86:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@overture[2].txt -> TrackingCookie.Overture : No action taken.
:mozilla.108:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.109:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.110:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.111:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.115:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.116:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.117:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.118:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.197:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pro-market : No action taken.
:mozilla.269:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.271:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@qksrv[1].txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@qksrv[1].txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.184:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.185:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.186:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@web4.realtracker[1].txt -> TrackingCookie.Realtracker : No action taken.
:mozilla.12:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.13:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.14:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.15:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.16:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.576:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.318:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@edge.ru4[2].txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.212:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.213:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.214:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.215:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.25:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.26:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.27:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.29:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.30:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Richard\Cookies\richard@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.378:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.494:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.561:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.581:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.584:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.585:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.577:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.233:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.236:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.237:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.238:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.239:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.240:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.241:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@anad.tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@anat.tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.575:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Targetnet : No action taken.
:mozilla.123:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.124:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.125:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.249:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.250:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.251:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.252:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.253:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.254:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.172:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.422:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.224:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.226:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.367:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.369:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Valueclick : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.516:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.638:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.639:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.343:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.177:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.178:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.184:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.222:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.283:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.284:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.403:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.492:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.560:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.605:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.615:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.616:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.618:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.619:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.620:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.623:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.625:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.626:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.627:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.628:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.629:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.630:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.671:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.511:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Jus\Cookies\jus@zedo[2].txt -> TrackingCookie.Zedo : No action taken.


::Report end


Hijackthis list:

ACDSee
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Reader 7.0.8
ArcSoft Panorama Maker 3
a-squared Anti-Malware 2.0
BigFix
blueyonder Instant Support Tool
Books That Work 3DLAND2 version 2.03bEUR
Books That Work Garden Encyclopedia 2 Deluxe version 3.0
CA eTrust EZ Antivirus
CCleaner (remove only)
CompuServe 2000 Version 6
Conexant SoftK56 Modem(M)
Copy Utility
Cypress USB Mass Storage Driver Installation
Easy CD Creator 5 Basic
Encyclopaedia Britannica 2005 Deluxe Edition CD-ROM
EPSON Photo Print
EPSON Smart Panel
EPSON TWAIN 5
ewido anti-spyware 4.0
Google Earth
Google Toolbar for Internet Explorer
Growing Plants Encyclopedia
HijackThis 1.99.1
iTunes
J2SE Runtime Environment 5.0 Update 7
Macromedia Shockwave Player
Microsoft Data Access Components KB870669
Microsoft Money
Microsoft Money System Pack
Microsoft Office 97, Professional Edition
Microsoft Works 6.0
Mozilla Firefox (1.0.7)
MSN Toolbar
Multimedia Keyboard Driver
Napster
Nikon FotoShare
Nikon Message Center
NVIDIA Windows 2000/XP Display Drivers
PC Coach
PictureProject
PowerDVD
QuickTime
RealPlayer
Realtek AC'97 Audio
Roxio Burn Engine
ScanToWeb
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Severn Bore Times 2002
Severn Bore Times 2003
Severn Bore Times 2004
Severn Bore Times 2005
Shockwave
SideStep
Skies Screensaver
Skype 2.0
Spybot - Search & Destroy 1.3
TextBridge Pro 8.0
Trillian
TrojanHunter 4.5
U.S.Robotics 22M Wireless LAN Adapter
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
USB Storage Adapter FX (SM1)
Viewpoint Media Player (Remove Only)
Virtual Garden
Virtual_Garden
Visual Home Deluxe version 1,1EUR
Windows Backup Utility
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WOW
Yahoo! Address AutoComplete
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar

Many thanks again for your time.

Justine
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 8th, 2006, 2:21 pm

hi jush
we need to run ewido again unfortunately the settings were not right,follow these actions exactly

in safe mode again

Close ALL open Windows / Programs / Folders. Please start Ewido and run a full scan.
Click on Scanner
Click on the Settings tab.
Under How to act?
Click on Recommended Action and choose Quarantine from the popup menu.
please note click on "apply all actions" before saving report

then scan again

go to start>control panel>add remove programs and delete

sidestep
viewpoint

then follow these steps
On the AOL menu bar at the top of the AOL screen, click HELP, then click ABOUT AMERICA ONLINE. Then press CTRL and D keys from your keyboard.
Then put a bullet on all the options that you will see there. And click Save.


your spybot is out of date1.3

Download Spybot - Search & Destroy 1.4. See here

1. Downloaded and Install Spybot S&D, accepting the Default Settings

2. In the Menu Bar at the top of the Spybot window you will see 'Mode'. Make certain that 'default mode' has a check mark beside it.

3. Close ALL windows except Spybot S&D

4. Click the button to ‘Search for Updates’ then download and install the Updates.

5. Next click the button ‘Check for Problems'

6. When Spybot is complete, it will be showing ‘RED’ entries bold 'Black' entries and ‘GREEN’ entries in the window

7. Make certain there is a check mark beside all of the RED entries ONLY.

8. Choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.

9. REBOOT to complete the scan and clear memory.





post the new ewido log and a new hijack this log in your next post

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Re: Wierd stuff

Unread postby jush » July 9th, 2006, 7:40 am

Hi Taff

I've got problems following the ewido instructions exactly, which in retrospect I think may have been what happened last time too. Two things - firstly, I can't see how to reduce the size of the ewido window that opens when you start the program, so I lose the edge of the ewido screen including some of the tabs which isn't ideal! Secondly, when I click on the 'How to act?' tab there isn't a 'Recommended action' tab, but rather it just offers me 'Set default for detected malware to:' and then it offers 'Quarantine'. I think I asssumed last time that this must be the right option, but since I clearly got it wrong before thought I'd better pass it by you before going any further...

Thanks for your patience with this!

Justine
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 9th, 2006, 1:56 pm

hi jush thats correct set it to quarantine see pic

Image



be sure to run scan in safe mode

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Re:Wierd Stuff

Unread postby jush » July 10th, 2006, 7:58 am

Taff

So sorry that this is dragging on a bit...but stuck again. Firstly, Sidestep appears to be undeletable...it just doesn't go when you try to get rid of it. Is there another way rather than through 'add/remove programs' ? Secondly, where do I look for an AOL menu bar/AOL screen...? Will await further instructions before going any further. Many thanks.

Jus
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 10th, 2006, 5:22 pm

hi jush
please don`t worry about anything we will sort it out eventually for now forget about the AOL we really need to see some logs,as for SIDESTEP try going into safe mode then add/remove programsand delete it

then post

1 ewido log (safe mode)
2 kapersky log (normal)
3 new hijack this log (normal)

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Re:Wierd Stuff

Unread postby jush » July 11th, 2006, 4:25 am

Hiya Taff

Sidestep won't delete in safe mode either. Spybot stalled again and had to turn machine off at mains to get out. But here are the ewido and hijack logs (don't know what the Kapersky log is..?)

Ewido:
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:21:05 10/07/2006

+ Scan result:



C:\Program Files\HijackThis\backups\backup-20060706-111147-726.dll -> Adware.SideStep : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\SbCIe02a.dll -> Adware.SideStep : Cleaned with backup (quarantined).
:mozilla.141:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.145:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.577:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.107:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.109:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.111:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.28:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.35:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.38:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.39:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.40:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.41:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.41:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.42:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.43:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@chicagosuntimes.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.101:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.102:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.582:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.583:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.146:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.148:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.44:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.47:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.141:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.237:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
:mozilla.507:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
:mozilla.237:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.269:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
:mozilla.270:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
:mozilla.663:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@clickbank[2].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
:mozilla.467:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.468:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.384:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
:mozilla.385:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
:mozilla.108:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.151:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.173:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.427:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.43:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.281:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.310:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.323:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.371:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.476:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.479:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.482:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.483:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.484:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.485:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.493:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.494:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.499:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.504:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wfloqoajigo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wflosoc5abq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wgkygodpeao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wgmygidpieo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@e-2dj6wjloqkdzckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@e-2dj6wfliakdjsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@e-2dj6wgkyapajilp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.119:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.233:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
:mozilla.138:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.309:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.516:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.111:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.186:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.357:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.413:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.414:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.415:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.490:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.74:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.75:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.245:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.246:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.247:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.248:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.287:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.288:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.292:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
:mozilla.293:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned with backup (quarantined).
:mozilla.464:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.465:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.305:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup (quarantined).
:mozilla.204:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.205:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@stat.onestat[1].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.136:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.116:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.117:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.158:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.159:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.160:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.161:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.197:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup (quarantined).
:mozilla.286:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.288:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@web4.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
:mozilla.585:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
:mozilla.331:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.229:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.231:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.232:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.26:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Richard\Cookies\richard@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.391:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.503:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.570:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.590:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.593:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.594:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.586:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.253:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.254:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.255:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.584:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
:mozilla.123:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.124:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.125:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.267:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.268:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.269:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.270:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.271:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.172:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.435:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.224:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.226:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.380:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.382:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.525:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.647:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.648:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.356:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.177:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.178:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.239:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.283:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.284:C:\Documents and Settings\Jus\Application Data\Mozilla\Firefox\Profiles\default.nld\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.416:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.501:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.569:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.614:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.624:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.625:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.627:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.628:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.629:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.632:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.634:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.635:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.636:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.637:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.638:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.639:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.680:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.520:C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\default.b99\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\Jus\Cookies\jus@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).


::Report end

Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 09:19:25, on 11/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\WINDOWS\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.co.uk
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Jus\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: U.S.Robotics WLAN Adapter Configuration Utility.lnk = C:\Program Files\USR WLAN\USR 22Mbps WLAN Adapter\USRWLAN.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.c ... mplete.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

Many thanks.

Justine
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 12th, 2006, 5:06 am

hi jush
If you`re still having problems with the ewido screen being too large, you should go to the right upper corner and click on the middle icon (between the - and the X) that should resize the screen back to normal.

now we need to go back into safe mode

i would like you to try and remove these two files using hijack this uninstaller

sidestep
viewpoint

if they are there

To access the Uninstall Manager you would do the following:

Start HijackThis
Click on the Config button
Click on the Misc Tools button
Click on the Open Uninstall Manager button.
You will now be presented with a screen similar to the one below:
Image


Figure 12: HijackThis Uninstall Manager


To delete an entry simply click on the entry you would like to remove and then click on the Delete this entry button.
note do not delete any other programs
close hijack this

still in safemode try to run spybot search and destroy

reboot your computer
then go to add/remove programs and see if they have gone

let me know how you get on in next post
cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm

Re:Wierd stuff

Unread postby jush » July 12th, 2006, 6:51 am

Hiya

That went fine - appears to have got rid of sidestep (deleted viewpoint yesterday) and spybot ran this time and found a few things to fix etc. I guess that now only time will tell if the problem is sorted...the PC was driving me mad switching itself off yesterday. But maybe thats a separate mechanical issue even...? No idea. Thanks again for all your help.

Justine
jush
Active Member
 
Posts: 9
Joined: June 26th, 2006, 4:38 am

Unread postby taffhelen » July 12th, 2006, 3:22 pm

hi jush
hows it running now?
just one last scan to make sure its not malware thats causing your problem,

Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As") to download Silent Runners.

  • Save it to the desktop.
  • Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt "All Done!", double-click the new text file on the desktop, copy that entire log, and paste it here.

*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.

cheers
User avatar
taffhelen
Regular Member
 
Posts: 134
Joined: July 7th, 2005, 6:42 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 296 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware