error signature
AppName: explorer.exe AppVer: 6.0.2900.2180 ModName: lmpgspl.ax
ModVer: 4.0.0.81 Offset: 00011a0b
following files will be included in this error report
C:\DOCUME~1\Bob\LOCALS~1\Temp\18d6_appcompat.txt
Here is my Hijackthis log BEFORE I followed the instructions posted under "You must read this before posting a hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 2:17:11 AM, on 2/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: (no name) - _{269B6797-664E-48AA-B283-B012BDF6E525} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1126211233790
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1126211205699
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
Now after following the instructions under You must read this before posting a hijack this log, here is my Hijackthis log and my Pandascan log and my AVG Anti-Spyware - Scan Report. Any help would be greatly appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 12:55:08 PM, on 2/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: (no name) - _{269B6797-664E-48AA-B283-B012BDF6E525} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.h...staller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1126211233790
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1126211205699
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
Incident Status Location
Adware:adware/cashsaver Not disinfected c:\windows\system32\CSUninstall.exe
Adware:adware/searchrelevancy Not disinfected c:\program files\SearchRelevant
Adware:adware/cydoor Not disinfected c:\windows\cdmxtras
Adware:adware/emediacodec Not disinfected Windows Registry
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_classes_root\clsid\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Potentially unwanted tool:application/altnet Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM
Adware:adware/savenow Not disinfected Windows Registry
Adware:adware/sqwire Not disinfected Windows Registry
Adware:adware/wupd Not disinfected Windows Registry
Potentially unwanted tool:application/funweb Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Potentially unwanted tool:application/myway Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC}
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\Popular Screensavers_29_01_2007_16_13_57.asq23271
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\Tracking Cookie_29_01_2007_16_13_57.asq10112
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\Tracking Cookie_29_01_2007_16_13_57.asq13022
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Bob\Cookies\bob@advertising[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Bob\Cookies\bob@doubleclick[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Bob\Cookies\bob@questionmarket[1].txt
Virus:Generic Trojan Disinfected Archive Folders\Snowman screensaver\frostys2.zip[frostyski.exe][SETUP_POWERSEARCH_KV.EXE]
Adware:Adware/SaveNow Not disinfected C:\Drivers\stuff\address.exe[SAVENOWINST.EXE]
Spyware:Cookie/Maxserving Not disinfected C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEB.tmp
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 7:13:16 PM 2/1/2007
+ Scan result:
C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\KaZaA_29_01_2007_16_13_34.asq3728 -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\WeatherBug_29_01_2007_16_13_54.asq22850 -> Adware.Aws : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-1580436667-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-1580436667-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-1580436667-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1417001333-1580436667-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BF5B8FC-11CB-409F-8C91-4D4CA04A1B6D} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Microsoft Shared\TextConv\avupdate.exe -> Adware.Winad : Cleaned with backup (quarantined).
C:\Program Files\Common Files\ozzi\ozzid\vocabulary -> Downloader.TSUpdate.j : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDC.tmp -> TrackingCookie.2o7 : Cleaned.
:mozilla.224:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.226:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.227:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.141:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.198:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.199:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.200:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.201:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.202:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.203:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.204:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.166:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.169:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.170:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Adserver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2E.tmp -> TrackingCookie.Adserver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq27.tmp -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2D.tmp -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15.tmp -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDF.tmp -> TrackingCookie.Bfast : Cleaned.
:mozilla.171:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.270:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE0.tmp -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE1.tmp -> TrackingCookie.Centrport : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE2.tmp -> TrackingCookie.Clickagents : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2B.tmp -> TrackingCookie.Com : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE4.tmp -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.10:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.86:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq29.tmp -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE5.tmp -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.137:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.138:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2A.tmp -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE7.tmp -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE6.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE8.tmp -> TrackingCookie.Hitbox : Cleaned.
:mozilla.228:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE9.tmp -> TrackingCookie.Hitslink : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEA.tmp -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.127:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.128:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.129:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.153:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.64:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.65:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEC.tmp -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Bob\Application Data\Uniblue\SpyEraser\Quarantine\myaffiliateprogram_29_01_2007_16_13_57.asq24423 -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF2.tmp -> TrackingCookie.Onestat : Cleaned.
:mozilla.160:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.161:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.162:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.163:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE3.tmp -> TrackingCookie.Pro-market : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqED.tmp -> TrackingCookie.Qksrv : Cleaned.
:mozilla.50:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.51:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.52:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEE.tmp -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.115:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.116:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.117:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.118:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2C.tmp -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEF.tmp -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF0.tmp -> TrackingCookie.Realtracker : Cleaned.
:mozilla.69:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.70:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.100:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.101:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.102:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.97:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.98:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.99:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF1.tmp -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.222:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.223:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF3.tmp -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF4.tmp -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF5.tmp -> TrackingCookie.Valueclick : Cleaned.
:mozilla.235:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.236:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.237:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.238:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.239:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.240:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.167:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.168:C:\Documents and Settings\Bob\Application Data\Mozilla\Profiles\default\8xk2q9v2.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF6.tmp -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\eMedia Codec -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
::Report end