Jump to content
Sign in to follow this  
Mithos Kionisu

My log

Recommended Posts

Logfile of HijackThis v1.99.1

Scan saved at 4:32:14 AM, on 11/21/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe

C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\keyhook.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ps2.exe

C:\WINDOWS\ALCMTR.EXE

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

C:\WINDOWS\System32\WDBtnMgr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\MsMovies\MsMovies.exe

C:\WINDOWS\System32\winlogi.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\Documents and Settings\HP_Owner\My Documents\My Downloads\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\System32\nsb2E.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: IRiras Class - {95C60327-8E17-44D6-98EB-7EB70CC606DD} - C:\WINDOWS\System32\irasucwm.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto

O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [MsMovies] C:\Program Files\MsMovies\MsMovies.exe /auto

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\ywiwkq.exe reg_run

O4 - HKLM\..\Run: [virtual-ie] winlogi.exe

O4 - HKLM\..\RunServices: [virtual-ie] winlogi.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [CMAPP] "C:\Program Files\CMAPP\Client\cmappclient.exe"

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [irassync] C:\WINDOWS\System32\irasyncd.exe

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {0878B424-1F95-4E26-B5AB-F0D349D89650} - http://download.bargain-buddy.net/download...MARKETING11.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/18...e/bridge-c9.cab

O16 - DPF: {26098EA2-C95D-48EA-89B4-63C5A63BD42F} - http://www.pacimedia.com/install/pcs_0002.exe

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/ysb_regular.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1129352599921

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab

O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://winfixer.com/pages/scanner/releases/WFXScanR.cab

O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - (no file)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\rrwblkb.exe (file missing)

Edited by Mithos Kionisu

Share this post


Link to post
Share on other sites

First of all, you will need to print out this post or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix

 

Please download Brute Force Uninstaller.

Unzip it to it’s own folder (c:\BFU)

 

 

RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra Remover. Save it in the same folder as BFU. (c:\BFU)

 

Start the Brute Force Uninstaller by double clicking BFU.exe

 

In the line scriptfile to execute copy and paste

c:\bfu\p2pnetwork.bfu

Check the box for Show log after script ends. (Both boxes will now be checked)

Press execute and let it do it’s job.

Note that there should be a progress bar when the script is executed by BFU

 

Wait for the complete script execution box to pop up and press OK.

 

Once done the log will pop up. Click SAVE and enter name (eg. bfu.txt) you must type the .txt on the end..for some reason it will NOT automatically make a txt file unless you type in .TXT

 

Press exit to leave BFU.

 

 

Next, please enable viewing of hidden files as follows:

1) Go to My Computer, and click on the "Tools" menu

2) Click "Folder options"

3) Select the "View" tab

4) Make sure "Show hidden files and folders" is selected

5) Make sure "Hide extensions for known file types" is unchecked

6) Make sure "Hide protected operating system files (recommended)" is unchecked

 

Please run HijackThis and click "Scan." Place checks next to the following entries:

[*]O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\rrwblkb.exe (file missing)

 

 

Close all browser and other windows except for HijackThis, and click "Fix Checked".

 

Next, please reboot your computer in Safe Mode by doing the following:

1) Restart your computer

2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.

3) Instead of Windows loading as normal, a menu should appear

4) Select the first option, to run Windows in Safe Mode.

 

For additional help in booting into Safe Mode, see the following site:

http://www.pchell.com/support/safemode.shtml

 

 

 

Next, delete the following folders (if they exist):

C:\Program Files\winupdates

C:\Program Files\MsMovies\

 

Also, delete the following files (if they exist):

C:\Program Files\CMAPP\Client\cmappclient.exe

C:\Program Files\CMAPP\Client\cmappclient.dll

C:\Program Files\CMAPP\cmappstub.exe

C:\WINDOWS\System32\ywiwkq.exe reg_run

 

Delete files/folder from the following directories (But not the directory itself, for example delete all files/folder IN temp; but not temp itself!)

[*]C:\Windows\Temp\

[*]C:\Documents and Settings\<Your Profile>\Local Settings\Temp\

[*]C:\Documents and Settings\<All other users Profile>\Local Settings\Temp\

[*]C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <---This will delete your internet cache--including cookies. This is recommended and strongly suggested.

[*]C:\Documents and Settings\<All other users Profile>\Local Settings\Temporary Internet Files\

[*]Empty your "Recycle Bin"

 

There are always a couple of files that you will not be able to delete..this is normal and expected

 

 

 

 

Restart your computer Please run this online virus scan: ActiveScan

  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button

    - Enter your Country

    - Enter your State/Province

    - Enter your e-mail address and click send(*NOTE it's perfectly safe to do so..You will NOT be spammed from this)

    - Select either Home User or Company

  • Click the big Scan Now button
  • If/when you get a notice that Panda wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on Local Disks to start the scan
  • When the scan completes, if anything is detected, click the See Report button, then Save Report and save it to a convenient location like your desktop.
You may have to rerun the script with BFU if CTRL_ALT_DEL is not working yet.

 

After a reboot please post

  • BFU log
  • results of Panda scan
  • new HijackThis log
in a reply to this thread

Share this post


Link to post
Share on other sites

Understand...please go ahead and post a HijackThis log here, as it will be easier for me and it will take me a little to get/go throughthe other logs. (Flakey internet connmection)

Share this post


Link to post
Share on other sites

Logfile of HijackThis v1.99.1

Scan saved at 4:26:32 PM, on 11/21/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe

C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\keyhook.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ps2.exe

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

C:\WINDOWS\System32\WDBtnMgr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\Documents and Settings\HP_Owner\My Documents\My Downloads\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\ywiwkq.exe reg_run

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1129352599921

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab

O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - (no file)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Share this post


Link to post
Share on other sites

4 questtion for you.

1) Is your computer running any better

2) You ran BFU the 2nd time, correct??

3) Are you getting any errosr on start up about missing files??

4) Did the first part go smooth for you?

 

First of all, you may want to print out this post or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix

 

Next, please enable viewing of hidden files as follows:

1) Go to My Computer, and click on the "Tools" menu

2) Click "Folder options"

3) Select the "View" tab

4) Make sure "Show hidden files and folders" is selected

5) Make sure "Hide extensions for known file types" is unchecked

6) Make sure "Hide protected operating system files (recommended)" is unchecked

 

Please run HijackThis and click "Scan." Place checks next to the following entries:

 

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\ywiwkq.exe reg_run

O18 - Filter: text/html - {6793D547-38DD-4325-B35A-F1817EDFA567} - (no file)

 

Close all browser and other windows except for HijackThis, and click "Fix Checked".

 

 

Next, please reboot your computer in Safe Mode by doing the following:

1) Restart your computer

2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.

3) Instead of Windows loading as normal, a menu should appear

4) Select the first option, to run Windows in Safe Mode.

 

For additional help in booting into Safe Mode, see the following site:

http://www.pchell.com/support/safemode.shtml

 

 

 

Delete the following files (if they exist):

C:\oo.exe

C:\WINDOWS\System32\ywiwkq.exe

C:\Program Files\CMMan\mfhlp.dll

C:\Program Files\CMSystem\plugin.dll

C:\Program Files\System Files\plugin.dll

C:\Documents and Settings\HP_Owner\Complete\video.exe

 

Delete files/folder from the following directories (But not the directory itself, for example delete all files/folder IN temp; but not temp itself!)

  • C:\Windows\Temp\
  • C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
  • C:\Documents and Settings\<All other users Profile>\Local Settings\Temp\
  • C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ But you will have to manually log on to all internet sites the first time you visit them again.
  • C:\Documents and Settings\<All other users Profile>\Local Settings\Temporary Internet Files\
  • Empty your "Recycle Bin"
There are always a couple of files that you will not be able to delete..this is normal and expected

 

Restart your computer, not in Safe Mode, and then Rerun HijackThis and please post a new HijackThis log in a reply to this thread.

Share this post


Link to post
Share on other sites

Logfile of HijackThis v1.99.1

Scan saved at 2:49:25 PM, on 11/22/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe

C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\keyhook.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ps2.exe

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

C:\WINDOWS\System32\WDBtnMgr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\HP_Owner\My Documents\My Downloads\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\ywiwkq.exe reg_run

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1129352599921

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

 

 

 

 

 

Everything seems to be working fine excpet for:

When ever I try to run Regedit I get this error message:

Posted Image

 

And when I try to run iTunes or Quicktime nothing happens (sometimes an error message pops up for about half a second then disappears) and when I try running 3DS Max 7 I will get the loading screen but after its done loading nothing happens (the program doesnt open)

Share this post


Link to post
Share on other sites

For the First error

If your operating system is Windows XP Professional click on this link. http://homepage.ntlworld.com/spence.../XPProfiles.exe

If your operating system is Windows XP Home click on this link.

http://homepage.ntlworld.com/spence...XPHomeFiles.exe

 

As far as Itunes and Quicktime...maybe try to reinstall??..do you have a firewall set up that is blocking access for them..I know QuickTime tries to update whe you first open it.

 

BTW your log looks good Let's see if you can resolve the MS-DOS 16bit error..(above links should do it) and I'll post some info to help keep you this way.

 

 

Edit to fix links

Edited by jwbirdsong

Share this post


Link to post
Share on other sites

No, I dont think I have a firewall, I was able to use those programs before :blank:

Also, for that home edition site, I got this

the page cannot be found

The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Share this post


Link to post
Share on other sites

Try this while I look into it some more....

 

Go to Start>Run>command and type (or copy/paste) in the following; EXACTLY as below.

set >> c:\value.txt

Now navigate to the C drive and copt the file "value.txt" into a reply here.

Share this post


Link to post
Share on other sites

COMSPEC=C:\WINDOWS\SYSTEM32\COMMAND.COM

ALLUSERSPROFILE=C:\DOCUME~1\ALLUSE~1

APPDATA=C:\DOCUME~1\HP_Owner\APPLIC~1

CLASSPATH=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

CLIENTNAME=Console

COMMONPROGRAMFILES=C:\PROGRA~1\COMMON~1

COMPUTERNAME=JORDANSCOMPUTER

HOMEDRIVE=C:

HOMEPATH=\Documents and Settings\HP_Owner

LOGONSERVER=\\JORDANSCOMPUTER

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\PROGRA~1\COMMON~1\AUTODE~2\;C:\PROGRA~1\BACKBU~1\;C:

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0304

PROGRAMFILES=C:\PROGRA~1

PROMPT=$P$G

QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

SESSIONNAME=Console

SYSTEMDRIVE=C:

SYSTEMROOT=C:\WINDOWS

TEMP=C:\WINDOWS\TEMP

TMP=C:\WINDOWS\TEMP

USERDOMAIN=JORDANSCOMPUTER

USERNAME=HP_Owner

USERPROFILE=C:\DOCUME~1\HP_Owner

BLASTER=A220 I5 D1 P330 T3

COMSPEC=C:\WINDOWS\SYSTEM32\COMMAND.COM

ALLUSERSPROFILE=C:\DOCUME~1\ALLUSE~1

APPDATA=C:\DOCUME~1\HP_Owner\APPLIC~1

CLASSPATH=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

COMMONPROGRAMFILES=C:\PROGRA~1\COMMON~1

COMPUTERNAME=JORDANSCOMPUTER

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Documents and Settings\HP_Owner

LOGONSERVER=\\JORDANSCOMPUTER

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\PROGRA~1\COMMON~1\AUTODE~2\;C:\PROGRA~1\BACKBU~1\;C:

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0304

PROGRAMFILES=C:\PROGRA~1

PROMPT=$P$G

QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip

SESSIONNAME=Console

SYSTEMDRIVE=C:

SYSTEMROOT=C:\WINDOWS

TEMP=C:\WINDOWS\TEMP

TMP=C:\WINDOWS\TEMP

USERDOMAIN=JORDANSCOMPUTER

USERNAME=HP_Owner

USERPROFILE=C:\DOCUME~1\HP_Owner

BLASTER=A220 I5 D1 P330 T3

Share this post


Link to post
Share on other sites

Mithos

 

Very sorry for the problems with the forums lately....I understand you had to start a new thread and now we've lost that one.

 

Would you please post another copy of the WinPFind log that Jacee ask you to post:

 

Please Download the following tools to assist us in removing this infection!

  • Download WinPFind
    • Right Click the Zip Folder and Select "Extract All"
    • Extract it somewhere you will remember like the Desktop
    • Dont do anything with it yet!
  • Download Track qoo
    • Save it somewhere you will remember like the Desktop
Reboot into Safe Mode

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

 

Doubleclick WinPFind.exe

  • Click "Start Scan"
  • It will scan the entire System, so please be patient!
  • Once the Scan is Complete
  • Go to the WinPFind folder
  • Locate WinPFind.txt
  • Place those results in the next post!
Reboot back to Normal Mode!

 

Double Click on "Track qoo.vbs"

 

Note - If your Antivirus has Script Blocking, you will get a Pop Up Windows asking you what to do. Allow this Entire Script to Run, its harmless!

 

Wait a few seconds and a notepad page will pop up, Copy & Paste those results and place them in the next post along with the results of WinPFind!

Share this post


Link to post
Share on other sites

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600

Internet Explorer Version: 6.0.2900.2180

 

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

 

Checking %SystemDrive% folder...

PEC2 8/8/2005 6:44:24 AM 4947968 C:\crash.txt

 

Checking %ProgramFilesDir% folder...

 

Checking %WinDir% folder...

UPX! 7/30/2005 3:04:32 PM 189859 C:\WINDOWS\dsr.exe

web-nex 12/3/2005 5:07:02 PM 1514 C:\WINDOWS\IE4 Error Log.txt

PECompact2 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\lpt$vpn.849

qoologic 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\lpt$vpn.849

SAHAgent 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\lpt$vpn.849

UPX! 3/6/2001 2:27:44 PM 52736 C:\WINDOWS\Nail.exe

PTech 12/3/2005 3:58:42 PM 5632 C:\WINDOWS\pi1_60.exe

UPX! 5/3/2005 10:44:44 AM 25157 C:\WINDOWS\RMAgentOutput.dll

UPX! 1/10/2005 3:17:24 PM 170053 C:\WINDOWS\tsc.exe

PECompact2 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\VPTNFILE.849

qoologic 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\VPTNFILE.849

SAHAgent 9/19/2005 1:43:30 PM 15851025 C:\WINDOWS\VPTNFILE.849

UPX! 2/18/2005 5:40:14 PM 1044560 C:\WINDOWS\vsapi32.dll

aspack 2/18/2005 5:40:14 PM 1044560 C:\WINDOWS\vsapi32.dll

UPX! 3/19/2003 3:22:00 AM 79360 C:\WINDOWS\yifhguudsup.exe

 

Checking %System% folder...

UPX! 11/9/2005 5:06:24 PM 150016 C:\WINDOWS\SYSTEM32\202_app13.exe

aspack 3/18/2005 4:19:58 PM 2337488 C:\WINDOWS\SYSTEM32\d3dx9_25.dll

PEC2 8/29/2002 4:00:00 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc

PEC2 9/28/2005 1:29:14 PM 693248 C:\WINDOWS\SYSTEM32\DivX.dll

PECompact2 9/28/2005 1:29:14 PM 693248 C:\WINDOWS\SYSTEM32\DivX.dll

PTech 8/20/2004 3:56:24 PM 59914 C:\WINDOWS\SYSTEM32\igfxhcsy.lhp

PTech 7/12/2005 6:04:22 PM 520456 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll

UPX! 12/3/2005 3:58:44 PM 77312 C:\WINDOWS\SYSTEM32\logl_h.exe

PECompact2 11/10/2005 9:17:18 PM 2368864 C:\WINDOWS\SYSTEM32\MRT.exe

aspack 11/10/2005 9:17:18 PM 2368864 C:\WINDOWS\SYSTEM32\MRT.exe

UPX! 4/2/2005 7:11:16 AM 60416 C:\WINDOWS\SYSTEM32\msconfig.exe

UPX! 5/14/2004 10:13:46 AM 56832 C:\WINDOWS\SYSTEM32\mwace.dll

UPX! 5/14/2004 10:13:46 AM 27136 C:\WINDOWS\SYSTEM32\mwacevb.dll

UPX! 10/1/2004 7:41:26 PM 103424 C:\WINDOWS\SYSTEM32\mwdds.dll

UPX! 3/16/2004 5:47:56 PM 49152 C:\WINDOWS\SYSTEM32\mwddsvb.dll

UPX! 9/5/2004 4:18:34 PM 158208 C:\WINDOWS\SYSTEM32\mwgfx.dll

UPX! 9/5/2004 6:21:50 PM 231424 C:\WINDOWS\SYSTEM32\mwgfx24.dll

UPX! 3/26/2004 7:29:56 PM 27648 C:\WINDOWS\SYSTEM32\mwgfxvb.dll

UPX! 3/15/2004 4:44:46 PM 47616 C:\WINDOWS\SYSTEM32\mwtwack.dll

UPX! 10/20/2005 4:53:16 PM 67584 C:\WINDOWS\SYSTEM32\nssA3.dll

aspack 8/3/2004 11:56:36 PM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll

Umonitor 8/3/2004 11:56:44 PM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll

winsync 8/29/2002 4:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

 

Checking %System%\Drivers folder and sub-folders...

UPX! 11/20/2005 12:13:28 AM 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

FSG! 11/20/2005 12:13:28 AM 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

PEC2 11/20/2005 12:13:28 AM 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

aspack 11/20/2005 12:13:28 AM 726016 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys

PTech 8/3/2004 9:41:38 PM 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

UPX! 2/18/2005 5:43:18 PM 962672 C:\WINDOWS\SYSTEM32\drivers\VsapiNT.sys

aspack 2/18/2005 5:43:18 PM 962672 C:\WINDOWS\SYSTEM32\drivers\VsapiNT.sys

 

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts

 

 

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...

12/3/2005 6:21:02 PM S 2048 C:\WINDOWS\bootstat.dat

11/20/2005 2:38:14 AM H 24 C:\WINDOWS\pzY5Y

12/3/2005 12:47:12 AM H 54156 C:\WINDOWS\QTFont.qfn

10/14/2005 9:05:52 PM H 0 C:\WINDOWS\inf\oem71.inf

11/25/2005 8:35:38 AM H 0 C:\WINDOWS\inf\oem73.inf

11/25/2005 9:22:32 AM RHS 286777 C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_57.cab

10/8/2005 9:52:46 AM HS 337606 C:\WINDOWS\repair\cvsmdvd.bak2

10/8/2005 9:59:32 AM HS 338039 C:\WINDOWS\repair\cvsmdvd.ini2

11/28/2005 6:25:52 AM RHS 401408 C:\WINDOWS\system32\??ool32.exe

10/5/2005 8:33:38 PM S 12849 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896424.cat

12/3/2005 6:20:56 PM H 8192 C:\WINDOWS\system32\config\default.LOG

12/3/2005 6:33:52 PM H 1024 C:\WINDOWS\system32\config\SAM.LOG

12/3/2005 6:21:04 PM H 16384 C:\WINDOWS\system32\config\SECURITY.LOG

12/3/2005 6:34:20 PM H 114688 C:\WINDOWS\system32\config\software.LOG

12/3/2005 6:21:08 PM H 1212416 C:\WINDOWS\system32\config\system.LOG

11/17/2005 3:34:36 PM H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG

10/28/2005 5:36:48 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\681f096e-7f65-47eb-a79b-b7ff7e0dd653

10/28/2005 5:36:48 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred

12/3/2005 6:00:04 PM H 278 C:\WINDOWS\Tasks\A8D2888F91ED38EB.job

12/3/2005 6:00:06 PM H 278 C:\WINDOWS\Tasks\AC9C9691918B0B71.job

12/3/2005 6:20:06 PM H 6 C:\WINDOWS\Tasks\SA.DAT

 

Checking for CPL files...

Microsoft Corporation 8/3/2004 11:56:58 PM 68608 C:\WINDOWS\SYSTEM32\access.cpl

Realtek Semiconductor Corp. 5/5/2004 2:05:08 AM 309760 C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL

Microsoft Corporation 8/3/2004 11:56:58 PM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 135168 C:\WINDOWS\SYSTEM32\desk.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl

Intel Corporation 9/20/2005 9:35:12 AM 77824 C:\WINDOWS\SYSTEM32\igfxcpl.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 129536 C:\WINDOWS\SYSTEM32\intl.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 68608 C:\WINDOWS\SYSTEM32\joy.cpl

Sun Microsystems 12/21/2004 9:05:34 PM 61555 C:\WINDOWS\SYSTEM32\jpicpl32.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl

Microsoft Corporation 8/3/2004 11:56:58 PM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl

Microsoft Corporation 5/26/2005 3:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 187904 C:\WINDOWS\SYSTEM32\dllcache\main.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl

Microsoft Corporation 8/29/2002 4:00:00 AM 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl

Intel Corporation 6/6/2004 6:43:28 PM 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0002\DriverFiles\igfxcpl.cpl

Intel Corporation 8/20/2004 3:53:06 PM 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0022\DriverFiles\igfxcpl.cpl

Realtek Semiconductor Corp. 5/5/2004 2:05:08 AM 309760 C:\WINDOWS\SYSTEM32\ReinstallBackups\0024\DriverFiles\ALSNDMGR.CPL

Intel Corporation 9/20/2005 9:35:12 AM 77824 C:\WINDOWS\SYSTEM32\ReinstallBackups\0025\DriverFiles\igfxcpl.cpl

 

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

 

Checking files in %ALLUSERSPROFILE%\Startup folder...

12/21/2004 8:25:56 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini

12/3/2005 3:58:38 PM 91648 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dnkn.exe

12/3/2005 1:24:40 PM 227328 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\pxhx.exe

 

Checking files in %ALLUSERSPROFILE%\Application Data folder...

12/21/2004 12:18:54 PM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini

7/31/2005 10:19:14 PM 2138 C:\Documents and Settings\All Users\Application Data\hpzinstall.log

10/19/2005 2:38:04 PM 1755 C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

 

Checking files in %USERPROFILE%\Startup folder...

12/21/2004 8:25:56 PM HS 84 C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\desktop.ini

 

Checking files in %USERPROFILE%\Application Data folder...

12/21/2004 12:18:54 PM HS 62 C:\Documents and Settings\HP_Owner\Application Data\desktop.ini

11/3/2005 7:30:12 AM 157 C:\Documents and Settings\HP_Owner\Application Data\ntl.ini

11/3/2005 7:29:56 AM 2219 C:\Documents and Settings\HP_Owner\Application Data\ntl.nws

 

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

SV1 =

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

 

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG7 Shell Extension

{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = K:\Program Files\Grisoft\AVG Free\avgse.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\gfnfqsqk

{3af9e240-8136-45bb-802b-c1f3c3ee403a} = C:\WINDOWS\System32\gfefl.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files

{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With

{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu

{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{48F45200-91E6-11CE-8A4F-0080C81A28D4}

= C:\Program Files\Trend Micro\Internet Security 2005\Tmdshell.dll

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}

Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension

{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = K:\Program Files\Grisoft\AVG Free\avgse.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{48F45200-91E6-11CE-8A4F-0080C81A28D4}

= C:\Program Files\Trend Micro\Internet Security 2005\Tmdshell.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu

{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files

{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing

{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}

= %SystemRoot%\system32\SHELL32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}

= %SystemRoot%\system32\SHELL32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}

= %SystemRoot%\system32\SHELL32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}

= %SystemRoot%\system32\SHELL32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}

= C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

 

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000CC75-ACF3-4cac-A0A9-DD3868E06852}

DAPHelper Class = C:\Program Files\DAP\DAPBHO.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}

CControl Object = C:\Program Files\E2G\IeBHOs.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{392BAF48-A26A-45B5-9263-97128E429268}

ngsh35.clsIS = C:\WINDOWS\system32\ngsh35.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4006DCA3-433D-4FC8-AC36-42DA7797DCB7}

ts = C:\WINDOWS\system32\bho.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}

ST = C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}

MSNToolBandBHO = C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC181A4C-AEA9-AE2D-89DD-A728E1543AC1}

= C:\WINDOWS\system32\qrkgs.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

&Tip of the Day = %SystemRoot%\System32\shdocvw.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} = HP view : c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

= :

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

{62999427-33FC-4baf-9C9C-BCE6BD127F08} = DAP Bar : C:\Program Files\DAP\DAPIEBar.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9E248641-0E24-4DDB-9A1F-705087832AD6}

MenuText = Java :

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}

ButtonText = Messenger : C:\Program Files\Messenger\msmsgs.exe

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

=

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}

File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}

Explorer Band = %SystemRoot%\System32\shdocvw.dll

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser

{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} = HP view : c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser

{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} = HP view : c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll

{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = :

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN : C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

{40D41A8B-D79B-43D7-99A7-9EE0F344C385} = AIM Search : C:\Program Files\AIM Toolbar\AIMBar.dll

Share this post


Link to post
Share on other sites

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

hpsysdrv c:\windows\system\hpsysdrv.exe

HPHUPD06 c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

Recguard C:\WINDOWS\SMINST\RECGUARD.EXE

VTTimer VTTimer.exe

SiS Windows KeyHook C:\WINDOWS\System32\keyhook.exe

SiSUSBRG C:\WINDOWS\SiSUSBrg.exe

AGRSMMSG AGRSMMSG.exe

SoundMan SOUNDMAN.EXE

PS2 C:\WINDOWS\system32\ps2.exe

AlcWzrd ALCWZRD.EXE

ANIWZCSService C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

D-Link AirPlus Xtreme G C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

LogonStudio "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

WD Button Manager WDBtnMgr.exe

AVG7_CC K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

AVG7_EMC K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

MimBoot C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe

MMTray "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

eTrust PestPatrol Active Protection none

igfxtray C:\WINDOWS\System32\igfxtray.exe

igfxhkcmd C:\WINDOWS\System32\hkcmd.exe

igfxpers C:\WINDOWS\System32\igfxpers.exe

TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

winsync C:\WINDOWS\system32\klgldx.exe reg_run

UserFaultCheck %systemroot%\system32\dumprep 0 -u

sms_msn C:\WINDOWS\system32\sms_msn.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

ctfmon.exe C:\WINDOWS\system32\ctfmon.exe

msnmsgr "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

PopUpStopperFreeEdition "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

MSMSGS "C:\Program Files\Messenger\MSMSGS.EXE" /background

Notn "C:\Program Files\apsi\wtta.exe" -vt yazb

logl_h C:\WINDOWS\system32\logl_h.exe

Eaxidur C:\WINDOWS\system32\??ool32.exe

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

logl_h C:\WINDOWS\system32\logl_h.exe

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

backup C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE

item Adobe Gamma Loader

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

backup C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE

item Adobe Gamma Loader

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE

item Adobe Reader Speed Launch

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE

item Adobe Reader Speed Launch

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

item HP Digital Imaging Monitor

path C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

location Common Startup

command C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

item HP Digital Imaging Monitor

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DownloadAccelerator

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item DAP

hkey HKLM

command C:\PROGRA~1\DAP\DAP.EXE /STARTUP

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item DAP

hkey HKLM

command C:\PROGRA~1\DAP\DAP.EXE /STARTUP

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Component Manager

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item hpcmpmgr

hkey HKLM

command "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item hpcmpmgr

hkey HKLM

command "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item iTunesHelper

hkey HKLM

command "C:\Program Files\iTunes\iTunesHelper.exe"

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item iTunesHelper

hkey HKLM

command "C:\Program Files\iTunes\iTunesHelper.exe"

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\pccguide.exe

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item pccguide

hkey HKLM

command "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item pccguide

hkey HKLM

command "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item qttask

hkey HKLM

command "C:\Program Files\QuickTime\qttask.exe" -atboottime

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item qttask

hkey HKLM

command "C:\Program Files\QuickTime\qttask.exe" -atboottime

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item jusched

hkey HKLM

command C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

inimapping 0

key SOFTWARE\Microsoft\Windows\CurrentVersion\Run

item jusched

hkey HKLM

command C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

inimapping 0

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state

system.ini 0

win.ini 0

bootini 0

services 0

startup 2

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

NoCDBurning 0

LinkResolveIgnoreLinkInfo 0

NoResolveSearch 1

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL

{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =

{0DF44EAA-FF21-4412-828E-260A8728E7F1} =

 

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system

dontdisplaylastusername 0

legalnoticecaption

legalnoticetext

shutdownwithoutlogon 1

undockwithoutlogon 1

DisableRegistryTools 0

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

NoDriveTypeAutoRun 145

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

logl_h C:\WINDOWS\system32\logl_h.exe

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

DisableRegistryTools 0

NoDispAppearancePage 0

NoDispBackgroundPage 0

DisableTaskMgr 0

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll

CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll

WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll

SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINDOWS\system32\userinit.exe,

Shell = Explorer.exe

System =

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain

= crypt32.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet

= cryptnet.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll

= cscdll.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui

= igfxdev.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp

= wlnotify.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule

= wlnotify.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy

= sclgntfy.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn

= WlNotify.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv

= wlnotify.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB

= C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon

= wlnotify.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path

Debugger = ntsd -d

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

AppInit_DLLs wbsys.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Share this post


Link to post
Share on other sites

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"

"HPHUPD06"="c:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"

"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"

"VTTimer"="VTTimer.exe"

"SiS Windows KeyHook"="C:\\WINDOWS\\System32\\keyhook.exe"

"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"

"AGRSMMSG"="AGRSMMSG.exe"

"SoundMan"="SOUNDMAN.EXE"

"PS2"="C:\\WINDOWS\\system32\\ps2.exe"

"AlcWzrd"="ALCWZRD.EXE"

"ANIWZCSService"="C:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"

"D-Link AirPlus Xtreme G"="C:\\Program Files\\D-Link\\AirPlus Xtreme G\\AirPlusCFG.exe"

"LogonStudio"="\"C:\\Program Files\\WinCustomize\\LogonStudio\\logonstudio.exe\" /RANDOM"

"WD Button Manager"="WDBtnMgr.exe"

"AVG7_CC"="K:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

"AVG7_EMC"="K:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"

"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"

"MMTray"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""

"eTrust PestPatrol Active Protection"="none"

"igfxtray"="C:\\WINDOWS\\System32\\igfxtray.exe"

"igfxhkcmd"="C:\\WINDOWS\\System32\\hkcmd.exe"

"igfxpers"="C:\\WINDOWS\\System32\\igfxpers.exe"

"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

"winsync"="C:\\WINDOWS\\system32\\ywiwkq.exe reg_run"

"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\

6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,75,00

"sms_msn"="C:\\WINDOWS\\system32\\sms_msn.exe"

 

-----------------

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers

 

 

Subkey --- AVG7 Shell Extension

{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

K:\Program Files\Grisoft\AVG Free\avgse.dll

 

Subkey --- gfnfqsqk

{3af9e240-8136-45bb-802b-c1f3c3ee403a}

C:\WINDOWS\System32\gfefl.dll

 

Subkey --- Offline Files

{750fdf0e-2a26-11d1-a3ea-080036587f03}

C:\WINDOWS\System32\cscui.dll

 

Subkey --- Open With

{09799AFB-AD67-11d1-ABCD-00C04FC30936}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- Open With EncryptionMenu

{A470F8CF-A1E8-4f65-8335-227475AA5C46}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- WinRAR

{B41DB860-8EE4-11D2-9906-E49FADC173CA}

C:\Program Files\WinRAR\rarext.dll

 

Subkey --- {48F45200-91E6-11CE-8A4F-0080C81A28D4}

 

C:\Program Files\Trend Micro\Internet Security 2005\Tmdshell.dll

 

Subkey --- {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}

Start Menu Pin

C:\WINDOWS\system32\SHELL32.dll

 

=====================

 

HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers

 

 

Subkey --- {0D2E74C4-3C34-11d2-A27E-00C04FC30871}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- {24F14F01-7B1C-11d1-838f-0000F80461CF}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- {24F14F02-7B1C-11d1-838f-0000F80461CF}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- {66742402-F9B9-11D1-A202-0000F81FEDEE}

C:\WINDOWS\system32\SHELL32.dll

 

Subkey --- {F9DB5320-233E-11D1-9F84-707F02C10627}

C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

 

==============================

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

 

desktop.ini

pxhx.exe

==============================

C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup

 

desktop.ini

pxhx.exe

desktop.ini

==============================

C:\WINDOWS\system32 cpl files

 

 

access.cpl Microsoft Corporation

ALSNDMGR.CPL Realtek Semiconductor Corp.

appwiz.cpl Microsoft Corporation

bthprops.cpl Microsoft Corporation

desk.cpl Microsoft Corporation

firewall.cpl Microsoft Corporation

hdwwiz.cpl Microsoft Corporation

igfxcpl.cpl Intel Corporation

inetcpl.cpl Microsoft Corporation

intl.cpl Microsoft Corporation

irprops.cpl Microsoft Corporation

joy.cpl Microsoft Corporation

jpicpl32.cpl Sun Microsystems

main.cpl Microsoft Corporation

mmsys.cpl Microsoft Corporation

ncpa.cpl Microsoft Corporation

netsetup.cpl Microsoft Corporation

nusrmgr.cpl Microsoft Corporation

odbccp32.cpl Microsoft Corporation

powercfg.cpl Microsoft Corporation

sysdm.cpl Microsoft Corporation

telephon.cpl Microsoft Corporation

timedate.cpl Microsoft Corporation

wscui.cpl Microsoft Corporation

wuaucpl.cpl Microsoft Corporation

Share this post


Link to post
Share on other sites

BEFORE BEGINNING, Please read completely through the instructions below and download the files from the links provided. You may want to save or print out these instructions for easier reference.

 

First, download Ewido Security Suite.

 

Next, download Lavasoft's Ad-Aware and the VX2 Cleaner Plug-in. Install Ad-Aware using the default options, then install vx2cleaner_inst.exe, taking all the defaults there as well.

 

Run Ad-Aware, update to the latest definitions, then click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK", then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.

 

Reboot your PC and run Ad-Aware again. This time, click on the Start button in Ad-Aware, select "Perform smart system scan" and click Next. Once the scan finishes, click "Next" again. Select all objects found (right click anywhere in the list of found objects and click "Select All Objects"). Click "Next" one more time, then "OK" to confirm the removal.

 

You will be prompted to set Ad-Aware to run on reboot, click "OK". Exit Ad-Aware and restart your PC once again.

 

When Ad-Aware starts up, click on "Start", then "Next". Follow the steps above if anything is found, or click "Finish", then exit Ad-Aware.

 

For a final cleanup, please install and run Ewido.

  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • From the main ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
  • If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
  • When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.
Please finish up by rebooting your system once more, and posting a new HijackThis log and the log from the Ewido scan.

Share this post


Link to post
Share on other sites

Logfile of HijackThis v1.99.1

Scan saved at 8:30:59 PM, on 12/4/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe

C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\keyhook.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ps2.exe

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

C:\WINDOWS\system32\WDBtnMgr.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\sms_msn.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\Program Files\apsi\wtta.exe

C:\WINDOWS\system32\logl_h.exe

C:\WINDOWS\system32\??ool32.exe

C:\WINDOWS\system32\logl_h.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe

C:\WINDOWS\system32\l_h_32.exe

C:\Documents and Settings\HP_Owner\My Documents\My Downloads\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...lion&pf=desktop

R3 - Default URLSearchHook is missing

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll

O2 - BHO: ngsh35.clsIS - {392BAF48-A26A-45B5-9263-97128E429268} - C:\WINDOWS\system32\ngsh35.dll (file missing)

O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsa4A.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O2 - BHO: (no name) - {DC181A4C-AEA9-AE2D-89DD-A728E1543AC1} - C:\WINDOWS\system32\qrkgs.dll

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] C:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe

O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] K:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe

O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKLM\..\Run: [sms_msn] C:\WINDOWS\system32\sms_msn.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\ywiwkq.exe reg_run

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - HKCU\..\Run: [Notn] "C:\Program Files\apsi\wtta.exe" -vt yazb

O4 - HKCU\..\Run: [logl_h] C:\WINDOWS\system32\logl_h.exe

O4 - HKCU\..\Run: [Eaxidur] C:\WINDOWS\system32\??ool32.exe

O4 - HKCU\..\RunOnce: [logl_h] C:\WINDOWS\system32\logl_h.exe

O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)

O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.elitemediagroup.net

O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)

O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendowifi.com/troubleshooting/usbaptest.cab

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1129352599921

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1132909071296

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemediagroup.net/cabs/mediaview.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - K:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Share this post


Link to post
Share on other sites

---------------------------------------------------------

ewido security suite - Scan report

---------------------------------------------------------

 

+ Created on: 8:09:15 PM, 12/4/2005

+ Report-Checksum: 7C4978A0

 

+ Scan result:

 

HKLM\SOFTWARE\Classes\CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control -> Spyware.E2G : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID -> Spyware.E2G : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID\\ -> Spyware.E2Give : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control\CurVer -> Spyware.E2G : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control.1 -> Spyware.E2G : Cleaned with backup

HKLM\SOFTWARE\Classes\IeBHOs.Control.1\CLSID\\ -> Spyware.E2Give : Cleaned with backup

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup

HKU\S-1-5-21-2942837424-2029783106-3238098085-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup

[640] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Cleaned with backup

[664] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[708] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[720] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[908] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[992] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1084] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1136] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1272] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1388] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1492] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1508] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1536] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1572] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1620] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1648] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1684] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1772] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1824] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1876] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[1984] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[564] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2264] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3276] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3344] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3444] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3616] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3704] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3728] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3756] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3764] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3780] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3804] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3824] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3852] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3872] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[4012] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[4048] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[4068] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[988] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2028] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2340] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2612] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2636] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2724] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2752] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[2936] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[936] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3152] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[524] C:\WINDOWS\system32\l_h_32.exe -> TrojanSpy.Agent.gk : Cleaned with backup

[2548] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3108] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

[3476] C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Error during cleaning

:mozilla.6:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.7:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.8:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.9:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.10:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.32:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup

:mozilla.35:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup

:mozilla.38:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.39:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.40:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.41:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.42:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.43:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.44:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.45:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.46:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.47:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.48:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.49:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.50:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.51:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.52:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.53:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.54:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.55:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.56:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.57:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.58:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.59:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.60:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.61:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.62:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.63:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.64:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.65:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.66:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.67:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.68:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.70:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.71:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.72:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.73:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.74:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.75:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup

:mozilla.76:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Atdmt : Cleaned with backup

:mozilla.77:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Atdmt : Cleaned with backup

:mozilla.82:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.83:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.84:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.85:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.86:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.87:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.88:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.89:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.91:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.108:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

:mozilla.110:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

Share this post


Link to post
Share on other sites

:mozilla.123:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup

:mozilla.124:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sextracker : Cleaned with backup

:mozilla.127:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Paycounter : Cleaned with backup

:mozilla.144:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.145:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.146:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.152:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.153:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.154:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.155:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.156:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.157:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.158:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.159:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.160:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.161:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.162:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.163:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.164:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.165:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.166:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.167:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.168:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.169:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.171:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.172:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.173:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.174:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.176:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup

:mozilla.180:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup

:mozilla.181:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.182:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.183:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.184:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.186:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.187:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.188:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.189:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.190:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.192:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.203:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.204:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.205:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.206:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.207:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.210:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup

:mozilla.211:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Com : Cleaned with backup

:mozilla.219:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup

:mozilla.238:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup

:mozilla.250:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Revenue : Cleaned with backup

:mozilla.262:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup

:mozilla.263:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Valueclick : Cleaned with backup

:mozilla.301:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Euroclick : Cleaned with backup

:mozilla.313:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.314:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.315:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.316:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.321:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup

:mozilla.322:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Adserver : Cleaned with backup

:mozilla.330:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.2o7 : Cleaned with backup

Share this post


Link to post
Share on other sites

:mozilla.340:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.341:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.342:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.343:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.353:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.354:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.358:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.359:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.362:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup

:mozilla.363:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies-1.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup

:mozilla.16:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup

:mozilla.17:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup

:mozilla.22:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.23:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.24:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.25:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.26:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.27:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.28:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.29:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.30:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.31:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.32:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.33:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.34:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.35:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.36:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.37:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.38:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.39:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.40:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.41:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.42:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.43:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.44:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.45:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.46:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.47:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.48:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.49:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.50:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.51:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.52:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup

:mozilla.57:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.58:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.59:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.60:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.61:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt ->

Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.87:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup

:mozilla.91:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup

:mozilla.99:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.100:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.101:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.102:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.103:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.104:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.105:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

:mozilla.115:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

:mozilla.116:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

:mozilla.118:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

:mozilla.119:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup

:mozilla.135:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup

:mozilla.136:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup

:mozilla.142:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.143:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.144:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.145:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.146:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.156:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.157:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.158:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup

:mozilla.160:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.161:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.162:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.163:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.164:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup

:mozilla.165:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup

:mozilla.166:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup

:mozilla.167:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup

:mozilla.168:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt ->

Share this post


Link to post
Share on other sites

Spyware.Cookie.Adserver : Cleaned with backup

:mozilla.173:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.174:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.175:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.176:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.177:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.179:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.180:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.181:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.182:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup

:mozilla.183:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup

:mozilla.184:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup

:mozilla.185:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup

:mozilla.186:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup

:mozilla.197:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup

:mozilla.198:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup

:mozilla.204:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup

:mozilla.220:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.221:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.222:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.223:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup

:mozilla.233:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.234:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.235:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.236:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.237:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.238:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.239:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.240:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup

:mozilla.257:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.258:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.259:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.260:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.261:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.262:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.265:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.266:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.267:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.268:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup

:mozilla.270:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup

:mozilla.271:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup

:mozilla.287:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup

:mozilla.300:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup

:mozilla.308:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup

:mozilla.309:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup

:mozilla.311:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.312:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.313:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.314:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.315:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup

:mozilla.330:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.331:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.332:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.333:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.334:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.336:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.344:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup

:mozilla.355:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.356:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.357:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.358:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup

:mozilla.372:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup

:mozilla.376:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup

:mozilla.385:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.386:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.387:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.388:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.389:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.408:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.409:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.410:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.411:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup

:mozilla.414:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup

:mozilla.417:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup

:mozilla.418:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.419:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt ->

Share this post


Link to post
Share on other sites

Spyware.Cookie.Webtrendslive : Cleaned with backup

:mozilla.420:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup

:mozilla.426:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup

:mozilla.433:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup

:mozilla.434:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup

:mozilla.437:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup

:mozilla.468:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup

:mozilla.469:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup

:mozilla.470:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup

:mozilla.471:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup

:mozilla.499:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup

:mozilla.500:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup

:mozilla.510:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup

:mozilla.520:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup

:mozilla.533:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup

:mozilla.546:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup

:mozilla.580:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup

:mozilla.600:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.601:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.602:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.603:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup

:mozilla.606:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.607:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.611:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.612:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup

:mozilla.614:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\36jva740.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup

:mozilla.9:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Profiles\default\id6gkp0j.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup

:mozilla.10:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Profiles\default\id6gkp0j.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

:mozilla.11:C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Profiles\default\id6gkp0j.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup

C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup

C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Paypopup : Cleaned with backup

C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup

C:\Documents and Settings\HP_Owner\Local Settings\Temp\ei.exe -> TrojanDownloader.Small.bgl : Cleaned with backup

C:\Documents and Settings\HP_Owner\Local Settings\Temp\f9603406.exe -> TrojanDownloader.Qoologic.ac : Cleaned with backup

C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\OZKJURGJ\mm[1].js -> Spyware.Chitika : Cleaned with backup

C:\Program Files\asys\VFX8.0-1.exe -> TrojanDropper.Agent.ym : Cleaned with backup

C:\Program Files\SurfAccuracy -> Adware.SurfAccuracy : Cleaned with backup

C:\WINDOWS\system32\l_h_32.dll -> TrojanSpy.Agent.gk : Cleaned with backup

C:\WINDOWS\system32\l_h_32.exe -> TrojanSpy.Agent.gk : Cleaned with backup

C:\WINDOWS\system32\qpapv.dat -> TrojanDownloader.Qoologic.ai : Cleaned with backup

 

 

::Report End

Share this post


Link to post
Share on other sites

I'll get you a reply posted soon,, I just got home from work so after I eat I'll work you up a reply..Can you answer a question while you are waiting...when you ran the first part of the AdAware speech in above post....the VX2 plugin/addon; do you recall what if any type of msg you got? It just doesn't seem to have done what I expected and was wondering if you got an error or something??..There are other means to do the same I was just curious

Share this post


Link to post
Share on other sites
Sign in to follow this  

×
×
  • Create New...