Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

D'oh! SpyFalcon still on my machine? [CLOSED]

Started by bfranci , May 25 2006 11:54 PM

  • This topic is locked This topic is locked

#1
bfranci
Posted 25 May 2006 - 11:54 PM

bfranci

    New Member

  • Member
  • Pip
  • 3 posts
I've downloaded any number of tools trying to completely get rid of this problem, but haven't had total success. Any thoughts?

Logfile of HijackThis v1.99.1
Scan saved at 7:58:45 PM, on 5/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\DOCUME~1\Brad\APPLIC~1\DOBE~1\mshta.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\W?nSxS\?xplorer.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...sario&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.h...sario&pf=laptop
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C85D40B7-8F2F-9FA9-5074-F93AF05D2797} - C:\WINDOWS\system32\tsrspma.dll (file missing)
O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\system32\hp100.tmp
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [Tbsa] "C:\DOCUME~1\Brad\APPLIC~1\DOBE~1\mshta.exe" -vt yax
O4 - HKCU\..\Run: [Pgxlc] C:\Program Files\W?nSxS\?xplorer.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • 0

Advertisements

#2
Daemon
Posted 25 May 2006 - 11:55 PM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Click here to download SmitfraudFix (by S!Ri). Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

Click here to download System Security Suite. Extract it from the zip file into a folder.

Click here to download ewido security suite - it is a trial version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed. Do NOT run a scan yet. Exit the program.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!
  • 0

#3
bfranci
Posted 26 May 2006 - 12:17 AM

bfranci

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
SmitFraudFix v2.48

Scan done at 21:06:10.18, Thu 05/25/2006
Run from C:\Documents and Settings\Brad\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\hp????.tmp Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

Thanks,
Brad
  • 0

#4
Daemon
Posted 26 May 2006 - 12:46 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Hmmm... didn't follow the instructions - you ran option 2.

Launch ewido again:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin (do not open any folders or open the windows control panel while the scan is in progress).
  • While the scan is in progress you will be prompted to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop.
Now close ewido.

Click Start>Settings>Control Panel>Display>Desktop>Customize Desktop>Web and uncheck "Security Info" if present.

Open System Security Suite and doubleclick on sss.exe. Check the boxes under the 'Items to Clear' tab and click 'Clear Selected Items'. You will be prompted to reboot, do so.

Please post a new HijackThis Log and the Ewido Log in your next reply.
  • 0

#5
bfranci
Posted 26 May 2006 - 01:42 AM

bfranci

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Logfile of HijackThis v1.99.1
Scan saved at 12:40:40 AM, on 5/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\W?nSxS\?xplorer.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Brad\APPLIC~1\DOBE~1\mshta.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\hijackthis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C85D40B7-8F2F-9FA9-5074-F93AF05D2797} - C:\WINDOWS\system32\tsrspma.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [Tbsa] "C:\DOCUME~1\Brad\APPLIC~1\DOBE~1\mshta.exe" -vt ndrv
O4 - HKCU\..\Run: [Pgxlc] C:\Program Files\W?nSxS\?xplorer.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\neoteris\secure application manager\samnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:35:00 AM, 5/26/2006
+ Report-Checksum: DE65D12A

+ Scan result:

[3364] C:\DOCUME~1\Brad\APPLIC~1\DOBE~1\mshta.exe -> Downloader.PurityScan.cn : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.276:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.278:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.279:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.332:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.339:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.340:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.341:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.357:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.376:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.441:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.521:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.573:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.588:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.608:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.609:C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\z2wrsrs4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Brad\Application Data\Аdobe\mshta.exe -> Downloader.PurityScan.cn : Cleaned with backup


::Report End
  • 0

#6
Daemon
Posted 26 May 2006 - 10:02 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Look in your control panels add/remove programs for PuritySCAN By OIN, OuterInfo, OIN or similar , click on it and click remove.
Reboot and delete this folder if found:
C:\Program Files\PurityScan

If not listed, download and run this uninstaller:
http://www.outerinfo...Uninstaller.exe

Tutorial for the uninstaller if needed

Reboot when done and delete this folder if found:
C:\Program Files\PurityScan

Post a fresh HJT log.
  • 0

#7
Daemon
Posted 02 June 2006 - 12:32 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP