Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

FireFox Popups

Started by NoiseTank , May 08 2008 04:02 PM

This topic is locked

#1
NoiseTank

Posted 08 May 2008 - 04:02 PM

Member

Member
11 posts

I started to get popups when I use Firefox. When they come up I get a message displayed in the bottom right hand corner of the computer saying "ad served by fbrowsing advisor" and then the popup opens up in another window.

I don't know how I could have gotten it but help would be greatly appreciated.

Thank you.

My HijackThis log is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:01:40 PM, on 5/8/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\MtRepair1.exe
C:\WINDOWS\System32\MtRepair2.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SurfingEnhancer - {57636FBF-8C24-0D22-E203-3D4DFA59E2A4} - C:\Program Files\SurfingEnhancer\SurfingEnhancer-1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4778 bytes

#2
sage5

Posted 08 May 2008 - 04:33 PM

RIP 10/2009

Retired Staff
2,646 posts

Hi NoiseTank,

Welcome to Geeks to Go!
My name is sage5, and I will be helping you with this problem.

Please download the following & save to your Desktop:
Malwarebytes' Anti-Malware from Here or Here
Deckard's System Scanner

Run Malwarebytes' Anti-Malware:
Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Save the entire report as C:\mbam.txt

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Run Deckard's System Scanner:

Close all other windows before proceeding.
Double click on the dss.exe file on your Desktop and follow the prompts.
Scans will run, and 2 text files will open in Notepad.
Close both of the text files.

These files are C:\Deckard\System Scanner\main.txt & extra.txt.
I will need you to copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of

main.txt
extra.txt
C:\mbam.txt

in your next reply.

The text from these files may exceed the maximum post length for this forum, and may need to be sent over 2 or more posts. Please ensure all text is posted.

Cheers,

sage5

#3
NoiseTank

Posted 08 May 2008 - 05:03 PM

Member

Topic Starter
Member
11 posts

This is main.txt

Deckard's System Scanner v20071014.68
Run by Adalsteinn on 2008-05-08 15:59:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
52: 2008-05-08 23:00:00 UTC - RP185 - Deckard's System Scanner Restore Point
51: 2008-05-07 23:53:06 UTC - RP184 - Installed Windows XP KB909394.
50: 2008-05-07 23:52:59 UTC - RP183 - Installed Windows Media Player 10 KB894476.
49: 2008-05-07 23:49:09 UTC - RP182 - Unsigned driver install
48: 2008-05-07 22:51:50 UTC - RP181 - ComboFix created restore point

-- First Restore Point --
1: 2008-04-01 17:41:26 UTC - RP134 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

System Drive C: has 13.25 GiB (less than 15%) free.

-- HijackThis (run as Adalsteinn.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:00:30 PM, on 5/8/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Adalsteinn\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Adalsteinn.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SurfingEnhancer - {57636FBF-8C24-0D22-E203-3D4DFA59E2A4} - C:\Program Files\SurfingEnhancer\SurfingEnhancer-1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 4830 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys

S3 catchme - c:\combofix\catchme.sys (file missing)
S3 lac97inf - c:\docume~1\adalst~1\locals~1\temp\lac97inf.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S4 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Network Controller
Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_0B541432&REV_01\4&3B1D9AB8&0&3040
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_0B541432&REV_01\4&3B1D9AB8&0&3040
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&3B1D9AB8&0&4040
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&3B1D9AB8&0&4040
Service:

-- Files created between 2008-04-08 and 2008-05-08 -----------------------------

2008-05-08 15:43:54 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\Malwarebytes
2008-05-08 15:43:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-08 15:43:49 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-07 16:29:53 0 d-------- C:\Program Files\Trend Micro
2008-05-07 15:50:59 68096 --a------ C:\WINDOWS\zip.exe
2008-05-07 15:50:59 49152 --a------ C:\WINDOWS\VFind.exe
2008-05-07 15:50:59 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-07 15:50:59 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-07 15:50:59 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-07 15:50:59 98816 --a------ C:\WINDOWS\sed.exe
2008-05-07 15:50:59 80412 --a------ C:\WINDOWS\grep.exe
2008-05-07 15:50:59 73728 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-06 21:11:36 0 d-------- C:\Documents and Settings\Adalsteinn\.housecall6.6
2008-05-05 14:13:37 372736 --a------ C:\WINDOWS\System32\MtRepair2.exe <Not Verified; M i r a r; M i r a r ATD RPT RPSVC>
2008-05-05 14:13:37 372736 --a------ C:\WINDOWS\System32\MtRepair1.exe <Not Verified; M i r a r; M i r a r ATD RPT RPSVC>
2008-05-05 14:13:27 385024 --a------ C:\WINDOWS\System32\WinNB54.dll <Not Verified; ; MBar AFF ATD IESC>
2008-05-05 14:13:19 0 d-------- C:\Program Files\SurfingEnhancer
2008-04-20 20:05:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-04-19 18:19:29 0 d-------- C:\Program Files\Bethesda Softworks
2008-04-19 16:23:52 679936 --a------ C:\WINDOWS\System32\ijjiSetup.exe <Not Verified; NHN USA; ijjiSetup Application>
2008-04-19 16:23:52 0 d-------- C:\Program Files\NHN USA
2008-04-15 13:55:19 0 d-------- C:\WINDOWS\System32\Adobe
2008-04-10 01:25:37 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\iPodder
2008-04-10 01:25:26 0 d-------- C:\Program Files\Juice
2008-04-08 16:10:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Ableton
2008-04-08 16:10:19 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\Ableton
2008-04-08 16:09:50 368640 --a------ C:\WINDOWS\System32\ReWire.dll <Not Verified; Propellerhead Software AB; ReWire>
2008-04-08 16:09:17 0 d-------- C:\Program Files\Ableton

-- Find3M Report ---------------------------------------------------------------

2008-05-08 15:56:18 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\AVG7
2008-05-08 15:42:04 0 d-------- C:\Program Files\Common Files\Download Manager
2008-05-08 15:01:00 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\uTorrent
2008-05-07 20:57:58 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\LimeWire
2008-05-07 16:53:00 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-04-26 22:06:01 0 d-------- C:\Program Files\Steam
2008-04-19 18:19:17 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-15 14:10:46 2777 --a------ C:\WINDOWS\mozver.dat
2008-04-15 13:55:48 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\Adobe
2008-04-15 13:55:47 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\Macromedia
2008-04-13 20:05:19 0 d-------- C:\Program Files\iDump
2008-04-13 20:04:34 0 d-------- C:\Program Files\Media Widget
2008-04-11 20:06:37 0 d-------- C:\Program Files\Common Files
2008-04-11 19:57:31 0 d-------- C:\Program Files\Creative
2008-04-03 18:15:09 0 d-------- C:\Program Files\Audible
2008-04-03 18:12:25 0 d-------- C:\Program Files\Opera
2008-04-03 18:04:13 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-01 20:38:35 0 d-------- C:\Program Files\ScummVM
2008-03-29 16:31:59 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\ScummVM
2008-03-29 14:41:05 0 d-------- C:\Program Files\Project64 1.6
2008-03-29 14:08:22 0 d-------- C:\Program Files\Project64 v1.5
2008-03-22 02:17:43 0 d-------- C:\Documents and Settings\Adalsteinn\Application Data\dvdcss
2008-03-22 02:16:52 0 d-------- C:\Program Files\InterActual
2008-03-15 18:09:05 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-03-05 22:05:07 43520 --a------ C:\WINDOWS\System32\CmdLineExt03.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{57636FBF-8C24-0D22-E203-3D4DFA59E2A4}]
12/30/2007 01:48 PM 1019904 --a------ C:\Program Files\SurfingEnhancer\SurfingEnhancer-1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [06/03/2004 08:51 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [04/18/2008 09:02 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 05:00 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [06/20/2006 10:36 PM]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [06/22/2007 05:45 AM]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [12/22/2007 12:23 AM]
"Aim6"="" []
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [06/12/2006 02:32 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Adalsteinn^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Adalsteinn^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools\daemon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrPack10]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMC_AutoUpdate]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"StarWindServiceAE"=2 (0x2)
"Adobe LM Service"=3 (0x3)

*Newly Created Service* - ALG
*Newly Created Service* - IPNAT

-- End of Deckard's System Scanner: finished at 2008-05-08 16:00:57 ------------

#4
NoiseTank

Posted 08 May 2008 - 05:05 PM

Member

Topic Starter
Member
11 posts

This is extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 1.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ XP 3200+
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 511.48 MiB / 250.14 MiB
Pagefile Memory (total/avail): 1250.14 MiB / 1037.89 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1950.96 MiB

C: is Fixed (NTFS) - 149.04 GiB total, 13.25 GiB free.
D: is CDROM (UDF)
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST3160021A - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 149.04 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device

-- Security Center -------------------------------------------------------------

AUOptions is disabled.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Adalsteinn\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SUPERCOMPUTER-X
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Adalsteinn
LOGONSERVER=\\SUPERCOMPUTER-X
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADALST~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADALST~1\LOCALS~1\Temp
USERDOMAIN=SUPERCOMPUTER-X
USERNAME=Adalsteinn
USERPROFILE=C:\Documents and Settings\Adalsteinn
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Adalsteinn (admin)
Administrator (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DF9BF77-7E10-4973-965E-3B7013ABEA6D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DF9BF77-7E10-4973-965E-3B7013ABEA6D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
CDisplay 1.8 --> "C:\Program Files\CDisplay\unins000.exe"
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN Vision M Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31C44235-A613-4E95-B297-207BF6C6A8C1}\SETUP.EXE" -l0x9 /remove
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Fable - The Lost Chapters --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
Francesco's leveled creatures-items mod 4.5b --> "C:\Program Files\Bethesda Softworks\Oblivion\data\Francesco's mod\Unistall data\Main files\unins000.exe"
GameTap --> C:\Program Files\InstallShield Installation Information\{67E158AF-8856-4337-B483-EA21930786AF}\setup.exe -runfromtemp -l0x0009 -removeonly
Half-Life 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/220
Half-Life 2: Episode One --> "C:\Program Files\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two --> "C:\Program Files\Steam\steam.exe" steam://uninstall/420
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iDump (Backing up your iPod) --> C:\Program Files\iDump\uninstall.exe
ijji - Gunz --> C:\ijji\ENGLISH\Gunz\Uninstall.exe
ijji Auto Installer --> "C:\Program Files\InstallShield Installation Information\{1DCC7418-2089-4BDD-B321-3771956160FC}\setup.exe" -runfromtemp -l0x0009 -removeonly
iTunes --> MsiExec.exe /I{B8A204BC-7177-470E-BBDD-47256D05B325}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Juice 2.2 --> C:\Program Files\Juice\uninst.exe
LimeWire PRO 4.16.0 --> "C:\Program Files\LimeWire\uninstall.exe"
Live 6.0.9 --> C:\PROGRA~1\Ableton\LIVE60~1.9\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE60~1.9\Install\INSTALL.LOG
Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x9 -removeonly
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Widget 3.0 --> "C:\Program Files\Media Widget\unins000.exe"
Microsoft ActiveSync 4.0 --> MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nokia Connectivity Cable Driver --> RUNDLL32.EXE nsesetup.dll,DoNTUninst
NVIDIA Drivers --> C:\WINDOWS\System32\NVUNINST.EXE UninstallGUI
NvMixer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
Oblivion mod manager 1.1.9 --> "C:\Program Files\Bethesda Softworks\Oblivion\obmm\uninstall\unins000.exe"
Photo Viewer 2.4 --> "C:\Program Files\Photo Viewer\uninstall.exe"
Portal --> "C:\Program Files\Steam\steam.exe" steam://uninstall/400
Project64 1.6 --> MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
ScummVM 0.10.0 --> "C:\Program Files\ScummVM\unins000.exe"
Spyware Doctor 5.0 --> C:\Program Files\Spyware Doctor\unins000.exe
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
STK014_V2.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7C401C6-B490-4C92-9E6D-F6A862A27B65}\Setup.exe" -l0x9
SurfingEnhancer --> C:\Program Files\SurfingEnhancer\uninstall.exe
Team Fortress 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/440
The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Unofficial Oblivion Patch v2.2.0 --> "C:\Program Files\Bethesda Softworks\Oblivion\Unofficial Oblivion Patch\unins000.exe"
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Videora iPod Converter 3.06 --> C:\Program Files\Red Kawa\Video Converter 3\uninstaller.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
ViewSonic Monitor Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48963B63-7A10-49D6-8B08-61E6132453D0}\Setup.exe" -l0x9
ViewSonic Windows XP Signed Files --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}\Setup.exe" -l0x9
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type911 / Error
Event Submitted/Written: 05/06/2008 08:37:47 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application vlc.exe, version 0.8.6.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type904 / Error
Event Submitted/Written: 05/05/2008 02:18:55 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 165456457.

Event Record #/Type903 / Error
Event Submitted/Written: 05/05/2008 02:18:53 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application LimeWire.exe, version 1.0.0.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type896 / Error
Event Submitted/Written: 04/28/2008 05:18:30 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application svcum 3rd be v2.0.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x0167416b.

Event Record #/Type890 / Error
Event Submitted/Written: 04/27/2008 03:23:49 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application OblivionModManager.exe, version 1.1.9.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type6697 / Error
Event Submitted/Written: 05/08/2008 03:56:14 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\Program Files\DAEMON Tools Pro\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type6696 / Error
Event Submitted/Written: 05/08/2008 03:56:14 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Event Record #/Type6695 / Error
Event Submitted/Written: 05/08/2008 03:56:14 PM
Event ID/Source: 32 / SideBySide
Event Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Event Record #/Type6694 / Error
Event Submitted/Written: 05/08/2008 03:56:10 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\Program Files\DAEMON Tools Pro\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type6693 / Error
Event Submitted/Written: 05/08/2008 03:56:10 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

-- End of Deckard's System Scanner: finished at 2008-05-08 16:00:57 ------------

#5
NoiseTank

Posted 08 May 2008 - 05:07 PM

Member

Topic Starter
Member
11 posts

This is C:\mbam.txt

Malwarebytes' Anti-Malware 1.12
Database version: 731

Scan type: Quick Scan
Objects scanned: 34823
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\program files\fbrowsingadvisor\xpcomevents.dll (Trojan.FBrowsingAdvisor) -> No action taken.

Registry Keys Infected:
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> No action taken.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Documents and Settings\Adalsteinn\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> No action taken.

Files Infected:
c:\program files\fbrowsingadvisor\xpcomevents.dll (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Documents and Settings\Adalsteinn\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> No action taken.
C:\WINDOWS\system32\kcopt.dll (Stolen.Data) -> No action taken.

#6
sage5

Posted 08 May 2008 - 06:15 PM

RIP 10/2009

Retired Staff
2,646 posts

Hi NoiseTank,

Did you

Make sure that everything is checked, and click Remove Selected.

in the Malwarebytes scan?
It doesn't seem to have removed anything.
Can you please rescan & make sure you perform Item 6

Run Malwarebytes' Anti-Malware:
Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy & Paste the entire report in your next reply.

#7
NoiseTank

Posted 08 May 2008 - 07:01 PM

Member

Topic Starter
Member
11 posts

Well I did the Anti-Malware scan twice and it did not detect anything.

But this is the log I got for them

1st:

Malwarebytes' Anti-Malware 1.12
Database version: 731

Scan type: Quick Scan
Objects scanned: 34593
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

2nd:

Malwarebytes' Anti-Malware 1.12
Database version: 731

Scan type: Quick Scan
Objects scanned: 34594
Time elapsed: 4 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#8
sage5

Posted 08 May 2008 - 07:14 PM

RIP 10/2009

Retired Staff
2,646 posts

Hi NoiseTank,

My apologies for that, your log returned a

-> No action taken.

after each line. Normally this would indicate a removal failure. Perhaps there is an issue with the tool itself.
Clearly those lines were dealt with.

Please download the following & save to your Desktop:
OTMoveIt2 by OldTimer.

Delete bad services
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad. Save it as "All Files" and name it FixServices.bat Please save it on your desktop.

@echo off
sc stop lac97inf
sc stop catchme
sc delete lac97inf
sc delete catchme
exit

Double click FixServices.bat. A window will open and close. This is normal.

Fix File Associations:

Go to Start > Run and type or paste "%userprofile%\desktop\dss.exe" /daft
Click on the Scan button.
Place a checkmark next to all the entries that appear in red
Click the Fix button.
Re-scan and save the logfile. This will default to daft.txt
Save it to your C:\ drive, I'll need that log later.

If everything is ok again, it should display the "all associations ok message"

I see you have/have had µTorrent & LimeWire installed on your system.
While these programs themselves are legal, most of the files downloaded with them, are not.
These programs can also be some of the major infection routes for an otherwise secure PC, because you might be unknowingly downloading infected files.
I highly recommend uninstalling µTorrent & LimeWire as outlined below.

Remove folders & files:

Please go to Start > Control Panel > Add/Remove Programs and remove the following, (if present):
µTorrent
LimeWire PRO 4.16.0
SurfingEnhancer
Viewpoint Media Player
Please take note of any other programs that you don't recognise in that list, and include them in your next response

Run OTMoveIt2:

Please double-click OTMoveIt2.exe to run it.

Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Program Files\SurfingEnhancer
C:\Program Files\uTorrent
C:\Program Files\LimeWire
C:\Program Files\SurfingEnhancer
C:\Program Files\Viewpoint
C:\WINDOWS\System32\msdxm.ocx
C:\WINDOWS\System32\MtRepair2.exe
C:\WINDOWS\System32\MtRepair1.exe
C:\WINDOWS\System32\WinNB54.dll

Return to OTMoveIt, right click on the "Paste list of Files/Folders to be moved" window (under the Yellow bar) and choose Paste.
Make sure that there is a tick next to Unregister Dll's and OCX's
Click the red Moveit! button.
Open Notepad
Copy everything on the Results window to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy).
Paste the text into the Notepad file, click in the window and press Ctrl + V.
Click "Exit" to close OTMoveIt.
Save the text file as C:\otmove.txt

(If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.)

Shut down & Reboot normally:

Run HijackThis again:

Select the Run a system scan and save a logfile button. The logfile will open in Notepad.
Start your Web browser and navigate back to this thread.
Click the Add Reply button
Copy and Paste the text into the Reply window.
Also include the text from C:\otmove.txt

Please include a note to tell me how your PC is running now.

Cheers,

sage5

#9
NoiseTank

Posted 08 May 2008 - 07:47 PM

Member

Topic Starter
Member
11 posts

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:44:37 PM, on 5/8/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 4248 bytes

File/Folder C:\Program Files\SurfingEnhancer not found.
File/Folder C:\Program Files\LimeWire not found.
File/Folder C:\Program Files\SurfingEnhancer not found.
File/Folder C:\Program Files\Viewpoint not found.
C:\WINDOWS\System32\msdxm.ocx unregistered successfully.
C:\WINDOWS\System32\msdxm.ocx moved successfully.
C:\WINDOWS\System32\MtRepair2.exe moved successfully.
C:\WINDOWS\System32\MtRepair1.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\System32\WinNB54.dll
C:\WINDOWS\System32\WinNB54.dll NOT unregistered.
C:\WINDOWS\System32\WinNB54.dll moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05082008_183904

#10
NoiseTank

Posted 08 May 2008 - 07:49 PM

Member

Topic Starter
Member
11 posts

Well the popups don't seem to come anymore.
And it feels like the computer is a bit faster.

Thank you for helping me with this.
I really appreciate it.

-NoiseTank

#11
sage5

Posted 08 May 2008 - 08:38 PM

RIP 10/2009

Retired Staff
2,646 posts

Hi NoiseTank,

Please go HERE to run Panda's TotalScan

Select the bubble for Full scan
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
Then the scan will begin
When the scan completes, click the Save button on the right of Scan details
Save it to C:\active_scan.txt
Post the contents of the TotalScan report

You don't appear to be running a 3rd party firewall. These are essential to protect from trojans, viruses, spyware etc.

You should check out:- Comodo Firewall Pro or Sunbelt Personal Firewall

User manuals are available for both:
Comodo's manual is built in and accessable from the Help Menu.

Sunbelt Manual Here

Both are simple to install & free to use.
Please install only 1

I need you to post me a fresh HijackThis log to confirm correct installation of the Firewall.

Cheers,

sage5

#12
NoiseTank

Posted 08 May 2008 - 11:43 PM

Member

Topic Starter
Member
11 posts

I cannot download Comodo Firewall Pro because I do not have Windows Service Pack 2.
I have tried downloading WSP2 once before but I don't really know how to do it.

Active Scan:

;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-08 22:40:55
PROTECTIONS: 0
MALWARE: 34
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.trafficmp.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.atdmt.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.tradedoubler.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.fastclick.net/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.mediaplex.com/]
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.findwhat.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.com.com/]
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.yadro.ru/]
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.yadro.ru/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.statcounter.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[ad.yieldmanager.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.apmebf.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.burstnet.com/]
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[server.iad.liveperson.net/]
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[server.iad.liveperson.net/hc/19452074]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\c4vzrr73.default\cookies.txt[.advertising.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[statse.webtrendslive.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.ads.pointroll.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.realmedia.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.zedo.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adrevolver.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.adultfriendfinder.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.target.com/]
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.did-it.com/]
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.did-it.com/]
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.did-it.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.atwola.com/]
00274284 Adware/Cres Adware No 0 Yes No C:\Program Files\STK014_V2.01\STK014K.exe
00382013 Trj/Agent.DIL Virus/Trojan No 0 Yes Yes C:\WINDOWS\system32\secwin.006
00584338 Adware/SaveNow Adware No 0 Yes No C:\Documents and Settings\Adalsteinn\Desktop\Folders\Downloads!!\BSINSTALL.exe
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\System Volume Information\_restore{D3EC660F-6512-4B48-83F7-C9074666548F}\RP185\A0020599.exe[327882R2FWJFW\NirCmdC.cfexe]
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.enhance.com/]
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Adalsteinn\Application Data\Mozilla\Firefox\Profiles\jcnic3w8.default\cookies.txt[.enhance.com/]
02649837 Application/Playmp3z HackTools No 0 Yes No C:\System Volume Information\_restore{D3EC660F-6512-4B48-83F7-C9074666548F}\RP181\A0020362.exe
02649837 Application/Playmp3z HackTools No 0 Yes No C:\QooBox\Quarantine\C\Program Files\PlayMP3z\PlayMP3.exe.vir
02928486 Adware/Mirar Adware No 1 Yes No C:\_OTMoveIt\MovedFiles\05082008_183904\WINDOWS\System32\WinNB54.dll
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location ThN\i
3
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description ThN\i
3
;===============================================================================
=================================================================================
===================
133387 MEDIUM MS06-065 ThN\i
3
133386 MEDIUM MS06-064 ThN\i
3
133385 MEDIUM MS06-063 ThN\i
3
133379 HIGH MS06-057 ThN\i
3
131654 HIGH MS06-055 ThN\i
3
129977 MEDIUM MS06-053 ThN\i
3
129976 MEDIUM MS06-052 ThN\i
3
126093 HIGH MS06-051 ThN\i
3
126092 MEDIUM MS06-050 ThN\i
3
126087 HIGH MS06-046 ThN\i
3
126086 MEDIUM MS06-045 ThN\i
3
126083 HIGH MS06-042 ThN\i
3
126082 HIGH MS06-041 ThN\i
3
126081 HIGH MS06-040 ThN\i
3
123421 HIGH MS06-036 ThN\i
3
123420 HIGH MS06-035 ThN\i
3
120825 MEDIUM MS06-032 ThN\i
3
120823 MEDIUM MS06-030 ThN\i
3
120818 HIGH MS06-025 ThN\i
3
120815 HIGH MS06-022 ThN\i
3
120814 HIGH MS06-021 ThN\i
3
117384 MEDIUM MS06-018 ThN\i
3
114666 HIGH MS06-015 ThN\i
3
114664 HIGH MS06-013 ThN\i
3
111790 MEDIUM MS06-011 ThN\i
3
108744 MEDIUM MS06-008 ThN\i
3
108743 MEDIUM MS06-007 ThN\i
3
108742 MEDIUM MS06-006 ThN\i
3
104567 HIGH MS06-002 ThN\i
3
104237 HIGH MS06-001 ThN\i
3
101055 HIGH MS05-054 ThN\i
3
96574 HIGH MS05-053 ThN\i
3
93396 HIGH MS05-052 ThN\i
3
93395 HIGH MS05-051 ThN\i
3
93394 HIGH MS05-050 ThN\i
3
93454 MEDIUM MS05-049 ThN\i
3
;===============================================================================
=================================================================================
===================

#13
NoiseTank

Posted 08 May 2008 - 11:50 PM

Member

Topic Starter
Member
11 posts

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:24 PM, on 5/8/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 4717 bytes

#14
sage5

Posted 09 May 2008 - 12:58 AM

RIP 10/2009

Retired Staff
2,646 posts

Hi NoiseTank,

We really need to get you up to date with your Service Packs.

Install SP1a:
Go to Here, select the correct Language & click the Go button.
Save the file to the Desktop & when the download is complete, double click the file to install the Service Pack.

Once that is done, go to Start > Help & Support & click the link to Windows Update.
(This is a much leaner download than the manual download & update file)
Follow the prompts to get the Update, but be prepared for a bit of a wait, it may be 200+Mb.

When that is done, run the Windows Update until you have all the Critical Updates installed.
This may take at least 2 sessions.

Cheers,

sage5

#15
NoiseTank

Posted 09 May 2008 - 01:05 AM

Member

Topic Starter
Member
11 posts

Well there might be a problem with that.
A while ago I went through a ( I cant remember the word right now) but it is when you erase everything off of your computer, including windows, and I didn't have my restore CD with windows on it so I had to download a fake version and I don't know if it will update service packs.

What do you think?