Hi! Thanks for replying. This is my second attempt to reply back. I had the same popups come up and my mouse and keyboard froze. Luckily, I was able to complete this message this time. Here are my two logs. I look forward to our next steps. Thanks again for the timely response.
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 6:42:24 PM, 3/27/2006
+ Report-Checksum: F92BD99D
+ Scan result:
HKLM\SOFTWARE\Classes\CLSID\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj\CLSID -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj\CurVer -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\DLMaxDll.DLMaxDllObj.1 -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control -> Adware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID -> Adware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CurVer -> Adware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control.1 -> Adware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IObjSafety.DemoCtl -> Adware.MediaMotor : Cleaned with backup
HKLM\SOFTWARE\Classes\IObjSafety.DemoCtl\Clsid -> Adware.MediaMotor : Cleaned with backup
HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Classes\Wbho.Band -> Adware.IEPlugin : Cleaned with backup
HKLM\SOFTWARE\Classes\Wbho.Band\CLSID -> Adware.IEPlugin : Cleaned with backup
HKLM\SOFTWARE\Classes\Wbho.Band\CurVer -> Adware.IEPlugin : Cleaned with backup
HKLM\SOFTWARE\Classes\Wbho.Band.1 -> Adware.IEPlugin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\media-motor -> Adware.MediaMotor : Cleaned with backup
HKLM\SOFTWARE\motoin -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2 -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\Ceres -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\DLMax -> Adware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\intexp -> Adware.IEPlugin : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\intexp\Config -> Adware.IEPlugin : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\intexp\MyFileSystem2 -> Adware.IEPlugin : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\SurfSideKick2 -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-21-4258524743-2358251293-2545204170-1008\Software\SurfSideKick2\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.217.73.66.16 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@ad-logics[2].txt -> TrackingCookie.Ad-logics : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Specificpop : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.X10 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Casinolasvegas : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Clubdicecasino : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Searchingbooth : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Counted : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Porngraph : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@casinolasvegas[1].txt -> TrackingCookie.Casinolasvegas : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Gamingpromo : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@cliks[2].txt -> TrackingCookie.Cliks : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@gamingpromo[1].txt -> TrackingCookie.Gamingpromo : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@internetfuel[1].txt -> TrackingCookie.Internetfuel : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Mx-targeting : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Top-banners : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Realtracker : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Casinotropez : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@sexcounter[1].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@specificpop[1].txt -> TrackingCookie.Specificpop : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Onestat : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@valuead[1].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Realtracker : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Infinite-ads : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\
[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Brandy\Cookies\brandy@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@paycounter[1].txt -> TrackingCookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Realtracker : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\
[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Brandy\Local Settings\Temp\Cookies\brandy@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP730\A0026830.ocx -> Adware.DelphinMediaViewer : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP738\A0026966.exe -> Trojan.Small.ev : Cleaned with backup
C:\WINDOWS\SYSTEM32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : Cleaned with backup
C:\WINDOWS\SYSTEM32\nfomon\nfomon.exe -> Adware.DelphinMediaViewer : Cleaned with backup
C:\WINDOWS\SYSTEM32\vidmon\vidmon.exe -> Adware.DelphinMediaViewer : Cleaned with backup
::Report End
Logfile of HijackThis v1.99.1
Scan saved at 8:02:25 PM, on 3/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\System32\msvcmm32.exe
C:\Program Files\USB Disk Tool\USNDISKT.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~2.EXE
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\HJT\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywayR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ws1.appswebse...=10292&ttid=104R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft...er=6&ar=msnhomeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft...=ie&ar=iesearchR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...=ie&ar=iesearchR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell4me.com/mywayR0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchasst.htmR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r5.attbi.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RawExecAction Object - {18898424-E3AB-4BA9-8E8D-5434B1CECA75} - C:\WINDOWS\system32\awtqp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: IEListener Class - {911A1534-8E65-448E-92AE-E22D49F870C4} - C:\PAE_BHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [LoadMSvcmm] C:\WINDOWS\System32\msvcmm32.exe
O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\Stopzilla.exe /autostart
O4 - HKLM\..\Run: [USB Disk Tool] C:\Program Files\USB Disk Tool\USNDISKT.EXE
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [inmmeo] C:\DOCUME~1\Brandy\LOCALS~1\Temp\app1C93.tmp
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKCU\..\Run: [aircity] C:\WINDOWS\System32\aircity.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Dataviz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....467&clcid=0x409O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by101fd.bay10...es/MsnPUpld.cabO16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) -
http://www.snapfish....pfishUpload.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.h.../qdiagh.cab?326O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: awtqp - C:\WINDOWS\system32\awtqp.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Thanks!
This topic is locked
Sign In
Create Account
