Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Notbar problem with Popups...

Started by rynoos , Apr 24 2006 05:30 PM

  • Please log in to reply

#1
rynoos
Posted 24 April 2006 - 05:30 PM

rynoos

    New Member

  • Member
  • Pip
  • 6 posts
Hi,

Just moved to London and the share computer has been seriously neglected. I have downloaded Ad-aware and AVG and cleaned up some of the mess, but i am still getting pop-ups and there is a hotbar toolbar present in internet explorer... p.s SP2 had not been installed..... 7 hours later this is where I am at....

Any help is appreciated, cheers Ryan...

Below is he HJT log.....

------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:24:23 AM, on 4/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\program files\common files\system\mplay64.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User1\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster...omeLeftPane.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bbmedic.ntlwo...tour/bbdemo.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Ldjja] C:\Program Files\Iuhbb\Amnst.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Emurayden PSX Emulator] C:\GAMES\Emurayden PSX AutoLauncher.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [MPlay64] c:\program files\common files\system\mplay64.exe /noerrorinfo
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2f...earch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movi.../altpmtscab.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1145815044623
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145814874618
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.spam...ckerutility.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn....FreeInstall.cab
O16 - DPF: {FAF10F23-0AC1-1213-A139-0F032B2112CA} - http://uk.global-acc...dpower/nat2.exe
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rcabinstall.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  • 0

Advertisements

#2
Flrman1
Posted 24 April 2006 - 07:11 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Hi rynoos

Welcome to G2G! :whistling:

* Download the trial version of Ewido Security Suite here.
  • Install ewido.
  • During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido
  • It will prompt you to update click the OK button and it will go to the main screen
  • On the left side of the main screen click update
  • Click on Start and let it update.
  • If you cannot download the updates, update manuallly according to the directions here.
  • DO NOT run a scan yet. You will do that later in safe mode.

* Click here for info on how to boot to safe mode if you don't already know how.


* Click here to download Brute Force Uninstaller (bfu.zip) and save it to your C:\ drive.
  • Next you must unzip the bfu.zip file to its own folder on C:\ so that the path to it is C:\BFU.
  • The file path must be C:\BFU for the removal to work.
* Next download the alcanshorty.bfu script and save it to the C:\BFU folder.
  • RIGHT-CLICK HERE and choose "Save As" (in Internet Explorer it's "Save Target As") to download alcanshorty.bfu.
  • Set the "Save as type" box to "All Files".
  • Save it in the C:\BFU folder you made earlier

* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Run Ewido:
  • Click on scanner
  • Click Complete System Scan and the scan will begin.
  • During the scan it will prompt you to clean files, click OK
  • When the scan is finished, look at the bottom of the screen and click the Save report button.
  • Save the report to your desktop

* Run the alcanshorty.bfu script:
  • Start the Brute Force Uninstaller by doubleclicking the BFU.exe in the C:\BFU folder.
  • In the scriptline to execute copy and paste this line:

    c:\bfu\alcanshorty.bfu

  • Press execute and let it run.
  • Wait for the complete script execution box to popup and press OK.
  • Press exit to terminate the BFU program.

* * Restart back into Windows normally now.


* Come back here and post a new HijackThis log, as well as the log from the Ewido scan.
  • 0

#3
rynoos
Posted 25 April 2006 - 11:11 AM

rynoos

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Flrman1, thanks for looking at my issues....

I have followed your instruction above, and below are the HJT and Ewido logs.. Cheers for your help...

---------------------------------------------------------------------------------------

Ewido Log

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 5:59:03 PM, 4/24/2006
+ Report-Checksum: A7DFA59

+ Scan result:

HKLM\SOFTWARE\Altnet -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Altnet\TopSearch -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKLM\SOFTWARE\Classes\Contact.Contacts -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Contact.Contacts\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Contact.Contacts\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Contact.Contacts.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Cleaned with backup
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Icons -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Links -> Adware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Common -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Common\Time -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Common\Updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\EUI -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\init -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Install -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\links -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\options -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\PI -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg852 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg853 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg912 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg926 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\Sample\Hist\sg927 -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HostOI -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HostOI\Updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HostOL -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\HostOL\Updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostIE -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostIE\updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostOI -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostOL -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Hotbar -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Hotbar\Hotbar -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Hotbar\Hotbar\SF -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4496 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1074 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1116 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1524 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1553 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1641 -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Adware.Cydoor : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\ShopperReports -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\ShopperReports\ShopperReports -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-436374069-1580818891-839522115-1003\Software\ShopperReports\ShopperReports\PostInstaller -> Adware.HotBar : Cleaned with backup
:mozilla.9:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.23:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.27:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.28:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.29:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.30:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.31:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.35:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.36:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.37:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.38:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.40:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.41:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.42:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.43:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.44:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.46:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.47:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.48:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.49:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.50:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.51:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.54:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.55:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.61:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.66:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.67:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.68:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.72:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.73:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.78:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.79:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.110:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.111:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.115:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.116:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.117:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.118:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.119:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.122:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.123:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.129:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.143:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.144:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.154:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.155:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.156:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.157:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.158:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.170:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.180:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.184:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.185:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.186:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.189:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adviva : Cleaned with backup
:mozilla.190:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.206:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.207:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.208:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.209:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.210:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.211:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.212:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.213:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.214:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.215:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.216:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.242:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.243:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.244:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.245:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.246:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.247:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.248:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.249:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.250:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.251:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.252:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.253:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.254:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.255:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.256:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.257:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.258:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.268:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.269:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.283:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.284:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.285:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.286:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.287:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.288:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.289:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.300:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.320:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.321:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.322:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.323:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.343:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.344:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.359:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.360:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.361:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.366:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.367:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.372:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.373:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.374:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.386:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.388:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.392:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.394:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.395:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.404:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.420:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.436:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.437:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.440:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.441:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.446:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.447:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.448:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.463:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.471:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.473:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.477:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.504:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.505:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.520:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.521:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.522:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.523:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.524:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.525:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.543:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.549:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.567:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.568:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.569:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.570:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.573:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.603:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.614:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.615:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.616:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.617:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.621:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.622:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.623:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.624:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.637:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.638:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.639:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.640:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.641:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.666:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.670:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.674:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.684:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.686:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.709:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.710:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hypertracker : Cleaned with backup
:mozilla.711:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.717:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.721:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.735:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.736:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.756:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.757:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.775:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.788:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.828:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.832:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.864:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.868:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.869:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.870:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.871:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.872:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.879:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.881:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.892:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.900:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.908:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.916:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.917:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.925:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.941:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.942:C:\Documents and Settings\User1\Application Data\Mozilla\Firefox\Profiles\y74ljq3l.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Da
  • 0

#4
rynoos
Posted 25 April 2006 - 11:14 AM

rynoos

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Application Data\ShopperReports\shprrprt_1137637426.log -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@abetterinternet[1].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@cliks[2].txt -> TrackingCookie.Cliks : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@cliks[3].txt -> TrackingCookie.Cliks : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@need2find[2].txt -> TrackingCookie.Need2find : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\User1\Cookies\user1@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Abcsearch : Cleaned with backup
C:\Documents and Settings\User1\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\User1\Desktop\Incomplete\Preview-T-187450-_HonkyTonk_ deamon tools.rar/Setup_toolBar.exe -> Downloader.IstBar.nj : Cleaned with backup
C:\Documents and Settings\User1\Local Settings\Temp\lf_B78.tmp -> Downloader.Agent.wp : Cleaned with backup
C:\Documents and Settings\User1\Local Settings\Temp\temp.fr041D -> Adware.Altnet : Cleaned with backup
C:\Downloads\FamilyFeudSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtGuard.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostOE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtInstIE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtOEAddOn.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\HbTools\Bin\4.7.7.0\HbtSrv.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\Cml.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\Contact.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbAds.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbCoreSrv.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbGuard.exe -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbHostIE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbHostOE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbInstIE.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbOEAddOn.exe -> Adware.Hotbar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbToolbar.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\SpamBlockerUtility\bin\4.7.1.0\SbWallpaper.dll -> Adware.HotBar : Cleaned with backup
C:\Program Files\TBONBin -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\TBONBin\tbon.exe -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\TBONBin\tboninst.cfg -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\TBONBin\TBONWnd.EXE -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\YourSiteBar -> Adware.YourSiteBar : Cleaned with backup
C:\Program Files\YourSiteBar\imagemap_normal.bmp -> Adware.YourSiteBar : Cleaned with backup
C:\Program Files\YourSiteBar\imagemap_over.bmp -> Adware.YourSiteBar : Cleaned with backup
C:\Program Files\YourSiteBar\version.txt -> Adware.YourSiteBar : Cleaned with backup
C:\Program Files\YourSiteBar\yoursitebar.xml -> Adware.YourSiteBar : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\HbInstIE.dll -> Adware.HotBar : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_N53L1025NetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.f : Cleaned with backup
C:\WINDOWS\system32\gaallwtc.exe -> Adware.HotBar : Cleaned with backup


::Report End

--------------------------------------------------------------------------------------------

HJT Log

Logfile of HijackThis v1.99.1
Scan saved at 6:11:01 PM, on 4/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\program files\common files\system\mplay64.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster...omeLeftPane.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bbmedic.ntlwo...tour/bbdemo.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll (file missing)
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Ldjja] C:\Program Files\Iuhbb\Amnst.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Emurayden PSX Emulator] C:\GAMES\Emurayden PSX AutoLauncher.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [MPlay64] c:\program files\common files\system\mplay64.exe /noerrorinfo
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2f...earch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movi.../altpmtscab.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1145815044623
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145814874618
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.spam...ckerutility.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn....FreeInstall.cab
O16 - DPF: {FAF10F23-0AC1-1213-A139-0F032B2112CA} - http://uk.global-acc...dpower/nat2.exe
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rcabinstall.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  • 0

#5
Flrman1
Posted 25 April 2006 - 04:56 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Click here to download ATF Cleaner by Atribune and save it to your desktop.


* Click Here and download Killbox and save it to your desktop.


* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.



* Go to Add/Remove programs and uninstall SpySpotter 3.

Reference:

http://spywarewarrio...nti-spyware.htm



* Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll (file missing)

O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll (file missing)

O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H

O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup

O4 - HKLM\..\Run: [Ldjja] C:\Program Files\Iuhbb\Amnst.exe

O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto

O4 - HKLM\..\Run: [MPlay64] c:\program files\common files\system\mplay64.exe /noerrorinfo

O8 - Extra context menu item: &Search - http://kl.bar.need2f...earch.html?p=KL

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movi.../altpmtscab.cab

O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn....FreeInstall.cab

O16 - DPF: {FAF10F23-0AC1-1213-A139-0F032B2112CA} - http://uk.global-acc...dpower/nat2.exe

O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rcabinstall.cab

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Double-click on Killbox.exe to run it.
  • Put a tick by Standard File Kill.
  • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

    C:\Program Files\HbTools

    C:\Program Files\p2pnetworks

    C:\Program Files\Iuhbb

    C:\Program Files\winupdates

    c:\program files\common files\system\mplay64.exe

    C:\Program Files\RXToolBar

  • Click on the button that has the red circle with the X in the middle after you enter each file.
  • It will ask for confimation to delete the file.
  • Click Yes.
  • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
  • Killbox may tell you that one or more files do not exist.
  • If that happens, just continue on with all the files. Be sure you don't miss any.
  • Exit the Killbox.
* Run ATF Cleaner:
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
  • If you use Firefox:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
[*]Click Exit on the Main menu to close the program.
[/list]* Restart back into Windows normally now.


* Go here and do the BitDefender online virus scan.
  • Click "I Agree" to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click "Click here to scan" to begin the scan.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on "Click here to export the scan results"
  • Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..

  • 0

#6
rynoos
Posted 27 April 2006 - 10:31 AM

rynoos

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Flrman1,

Cheers again for your help. Below is the HJT log and I have also attached the Bitdefender report as requested....


Cheers, Ryan...


---------------------------------------------------------------------------------------------------------
HJT Log

Logfile of HijackThis v1.99.1
Scan saved at 5:28:02 PM, on 4/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ntl\broadband medic\bin\mpbtn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster...omeLeftPane.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://bbmedic.ntlwo...tour/bbdemo.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Emurayden PSX Emulator] C:\GAMES\Emurayden PSX AutoLauncher.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: broadband medic.lnk = C:\Program Files\ntl\broadband medic\bin\matcli.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1145815044623
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145814874618
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.spam...ckerutility.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

--------------------------------------------------------------------------------------------------------------------

Attached Files

  • Attached File  aa.html   18.81KB   20 downloads

  • 0

#7
Flrman1
Posted 27 April 2006 - 07:40 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Run Hijack This again and put a check by this entry. Close ALL windows except HijackThis and click "Fix checked"

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster...omeLeftPane.htm


* Restart your computer.


* Open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
  • 0

#8
rynoos
Posted 28 April 2006 - 05:32 AM

rynoos

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Flrman1.

Yet again, cheers for your help....

"Open Uninstall Manager" list is below...

----------------------------------------------------------------------------------------------------


Ad-Aware SE Personal
Adobe Reader 7.0.5
Adobe® Photoshop® Album Starter Edition 3.0
AVG Free Edition
AviSynth 2.5
broadband medic
ewido anti-malware
FastTrack Accelerator 1.2.5
Google Earth
HijackThis 1.99.1
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft XML Parser and SDK
Mozilla Firefox (1.5.0.2)
MPlay64
ms1src
MSN Messenger 7.5
My DSC
Panda ActiveScan
QuickTime
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Sony Ericsson PC Suite
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
WinAce Archiver
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinZip

-------------------------------------------------------------------------------------------------------
  • 0

#9
Flrman1
Posted 28 April 2006 - 04:28 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Go to Add/Remove programs and uninstall these:

J2SE Runtime Environment 5.0 Update 5
MPlay64

How is the computer running now?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP