Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Dr. Watson Postmortem Debugger error [CLOSED]

Started by cantstopspinning , Jun 20 2008 10:04 PM

  • This topic is locked This topic is locked

#1
cantstopspinning
Posted 20 June 2008 - 10:04 PM

cantstopspinning

    New Member

  • Member
  • Pip
  • 4 posts
I am having problems when I work in some folders and try and open, delete, move, etc, files inside those folders. The folder freezes when I click on any file and in the task manager I find drwtsn32.exe not responding, then the folder I was working in closes. Then I get an error message which is stated in the post title. I performed everything outlined in the "read this first before posting" thread. Heres my hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:25 PM, on 6/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1202650166921
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202865603895
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://images.kodakg...647111_0_SM.jpg

--
End of file - 2915 bytes

Heres my uninstall list

Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Shockwave Player
AIM 6
Apple Mobile Device Support
Apple Software Update
AVI Codec Pack
Bonjour
Codec 8.2 build 8
Data Lifeguard Tools
HijackThis 2.0.2
Java™ 6 Update 3
LimeWire PRO 4.16.6
Malwarebytes' Anti-Malware
Microsoft Compression Client Pack 1.0 for Windows XP
Mozilla Firefox (2.0.0.14)
Netflix Movie Viewer
Panda ActiveScan 2.0
PolderbitS Sound Recorder and Editor
QuickTime
Viewpoint Media Player
VoDi
VoDi4.0
Winamp
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Internet Mail
Yahoo! Messenger

Please lmk what steps to take.
-Eric
  • 0

Advertisements

#2
koko_crunch
Posted 25 June 2008 - 09:31 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Hello cantstopspinning and Welcome to Geeks to Go!

Sorry for the delay.
We've been quite busy this week.

After checking your log, I found signs of malware on your system.
Please stick with me until we get you cleaned up. :)

Let's begin.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
  • 0

#3
cantstopspinning
Posted 26 June 2008 - 12:41 AM

cantstopspinning

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Combofix report:

ComboFix 08-06-20.4 - joe 2008-06-26 2:31:43.1 - NTFSx86
Running from: C:\Documents and Settings\joe\Desktop\ComboFix.exe
* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\outlook
C:\WINDOWS\b.exe
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com

.
((((((((((((((((((((((((( Files Created from 2008-05-26 to 2008-06-26 )))))))))))))))))))))))))))))))
.

2008-06-24 22:12 . 2008-06-24 22:13 <DIR> d-------- C:\Program Files\Rolling Madness 3D
2008-06-23 20:02 . 2008-06-23 20:02 <DIR> d-------- C:\Program Files\Alcatel
2008-06-21 18:04 . 2008-06-21 18:04 1,501 --a------ C:\WINDOWS\EReg515.dat
2008-06-21 17:57 . 2008-06-21 17:57 187 --a------ C:\WINDOWS\disneysy.ini
2008-06-21 17:57 . 2008-06-24 20:44 157 --a------ C:\WINDOWS\disney.ini
2008-06-20 23:47 . 2008-06-20 23:47 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-20 16:15 . 2008-06-20 16:16 <DIR> d-------- C:\Program Files\Panda Security
2008-06-20 16:07 . 2008-06-20 16:08 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Documents and Settings\joe\Application Data\Malwarebytes
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-20 16:07 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-20 16:07 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-19 13:59 . 2008-06-19 13:59 <DIR> d-------- C:\Documents and Settings\joe\WINDOWS
2008-06-19 13:59 . 1998-01-23 12:22 304,128 --a------ C:\WINDOWS\IsUninst.exe
2008-06-17 20:08 . 2008-06-20 13:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-17 20:08 . 2008-06-17 20:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-16 15:45 . 2008-06-16 15:45 <DIR> d-------- C:\Program Files\AVI Codec Pack
2008-06-16 15:44 . 2008-06-16 15:44 <DIR> d-------- C:\WINDOWS\system32\quicktime
2008-06-16 15:37 . 2008-06-16 15:37 <DIR> d-------- C:\Program Files\Codec
2008-06-14 22:43 . 2008-06-14 22:44 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-14 11:34 . 2008-06-14 11:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-12 13:13 . 2008-06-12 13:13 <DIR> d-------- C:\WINDOWS\48B8222675E34E9092CCD30F79EA6380.TMP
2008-06-12 13:12 . 2008-03-19 18:26 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-12 13:12 . 2008-03-19 18:29 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-06-12 13:11 . 2008-06-20 16:47 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-11 18:08 . 2008-06-11 18:08 <DIR> d--h----- C:\Documents and Settings\joe\Application Data\yahoo!
2008-06-10 14:50 . 2008-06-11 18:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-10 14:49 . 2008-06-11 18:10 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-08 07:26 . 2008-04-14 05:42 151,552 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-08 07:26 . 2008-04-14 05:42 151,552 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-06-08 07:26 . 2008-04-14 05:41 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-08 07:26 . 2008-04-14 05:41 28,160 --a--c--- C:\WINDOWS\system32\dllcache\irmon.dll
2008-06-08 07:26 . 2008-04-14 05:42 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-08 07:26 . 2008-04-14 05:42 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-06-08 07:14 . 2008-06-08 07:14 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-06-08 07:04 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\005151_.tmp
2008-06-08 05:02 . 2008-06-08 05:02 <DIR> d-------- C:\Program Files\Netflix

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-26 06:27 --------- d-----w C:\Documents and Settings\joe\Application Data\LimeWire
2008-06-25 21:48 --------- d-----w C:\Program Files\Common Files\AOL
2008-06-25 02:55 --------- d-----w C:\Program Files\LimeWire
2008-06-25 00:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 00:43 --------- d-----w C:\Program Files\Winamp
2008-06-24 00:35 --------- d-----w C:\Documents and Settings\joe\Application Data\Winamp
2008-06-23 21:58 --------- d-----w C:\Documents and Settings\joe\Application Data\MSN6
2008-06-10 17:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-11 04:16 --------- d-----w C:\Documents and Settings\joe\Application Data\Apple Computer
2008-05-11 04:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-11 04:11 --------- d-----w C:\Program Files\QuickTime
2008-05-11 04:02 --------- d-----w C:\Program Files\Common Files\Apple
2008-04-14 09:55 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 09:46 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 09:43 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 09:43 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 09:43 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 09:43 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 09:41 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 09:40 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 09:40 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 09:40 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 09:40 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 05:00 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 04:57 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 04:15 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-14 04:13 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-14 04:13 12,800 ------w C:\WINDOWS\system32\spiisupd.exe
2008-04-14 04:01 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-14 04:01 2,065,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 04:00 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-14 03:45 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 03:09 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-14 03:09 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-14 03:09 187,392 ------w C:\WINDOWS\system32\xpsp1res.dll
2008-04-14 03:08 306,176 ----a-w C:\WINDOWS\system32\slbcsp.dll
2008-04-14 03:08 169,984 ----a-w C:\WINDOWS\system32\sccbase.dll
2008-04-14 03:07 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-14 03:07 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-14 02:57 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 02:56 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
2008-04-14 02:56 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-14 02:56 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-14 02:54 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
2008-04-14 02:51 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-14 02:39 4,096 ------w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 02:33 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 02:33 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 02:24 68,768 ----a-w C:\WINDOWS\system32\mmsystem.dll
2008-04-14 02:24 53,840 ----a-w C:\WINDOWS\system32\dosx.exe
2008-04-14 02:23 92,224 ----a-w C:\WINDOWS\system32\krnl386.exe
2008-04-14 02:22 3,338 ----a-w C:\WINDOWS\system32\redir.exe
2008-04-14 02:20 42,537 ----a-w C:\WINDOWS\system32\keyboard.sys
2008-04-14 02:19 35,648 ----a-w C:\WINDOWS\system32\ntio411.sys
2008-04-14 02:19 35,424 ----a-w C:\WINDOWS\system32\ntio412.sys
2008-04-14 02:19 34,560 ----a-w C:\WINDOWS\system32\ntio804.sys
2008-04-14 02:19 34,560 ----a-w C:\WINDOWS\system32\ntio404.sys
2008-04-14 02:19 33,840 ----a-w C:\WINDOWS\system32\ntio.sys
2008-04-14 02:18 1,647,616 ------w C:\WINDOWS\system32\winbrand.dll
2008-04-14 02:15 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-14 01:56 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-14 01:53 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-14 01:52 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 01:09 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2008-04-12 11:41 180,224 ----a-w C:\WINDOWS\system32\xvidvfw.dll
2008-04-12 11:30 765,952 ----a-w C:\WINDOWS\system32\xvidcore.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^svchost.exe]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
backup=C:\WINDOWS\pss\svchost.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2008-04-12 13:17 288576 C:\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook]
C:\Program Files\outlook\outlook.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
--a------ 2001-03-23 15:57 995328 C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 02:34:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-26 2:37:56
ComboFix-quarantined-files.txt 2008-06-26 06:37:52

Pre-Run: 2,277,801,984 bytes free
Post-Run: 2,333,999,104 bytes free

188 --- E O F --- 2008-05-19 23:11:55

Hijackthis log after combofix:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:40:33 AM, on 6/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1202650166921
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202865603895
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://images.kodakg...647111_0_SM.jpg

--
End of file - 2966 bytes

Edited by cantstopspinning, 26 June 2008 - 12:42 AM.

  • 0

#4
koko_crunch
Posted 26 June 2008 - 02:38 AM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Next,

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\WINDOWS\pss\svchost.exe

Registry::
[-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^svchost.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000



3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new HijackThis log.

  • 0

#5
cantstopspinning
Posted 29 June 2008 - 10:25 PM

cantstopspinning

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
ComboFix 08-06-20.4 - joe 2008-06-30 0:17:51.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.67 [GMT -4:00]
Running from: C:\Documents and Settings\joe\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\joe\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\WINDOWS\pss\svchost.exe
.

((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))
.

2008-06-24 22:12 . 2008-06-24 22:13 <DIR> d-------- C:\Program Files\Rolling Madness 3D
2008-06-23 20:02 . 2008-06-23 20:02 <DIR> d-------- C:\Program Files\Alcatel
2008-06-21 18:04 . 2008-06-21 18:04 1,501 --a------ C:\WINDOWS\EReg515.dat
2008-06-21 17:57 . 2008-06-21 17:57 187 --a------ C:\WINDOWS\disneysy.ini
2008-06-21 17:57 . 2008-06-24 20:44 157 --a------ C:\WINDOWS\disney.ini
2008-06-20 23:47 . 2008-06-20 23:47 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-20 16:15 . 2008-06-20 16:16 <DIR> d-------- C:\Program Files\Panda Security
2008-06-20 16:07 . 2008-06-20 16:08 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Documents and Settings\joe\Application Data\Malwarebytes
2008-06-20 16:07 . 2008-06-20 16:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-20 16:07 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-20 16:07 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-19 13:59 . 2008-06-19 13:59 <DIR> d-------- C:\Documents and Settings\joe\WINDOWS
2008-06-19 13:59 . 1998-01-23 12:22 304,128 --a------ C:\WINDOWS\IsUninst.exe
2008-06-17 20:08 . 2008-06-20 13:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-17 20:08 . 2008-06-17 20:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-16 15:45 . 2008-06-16 15:45 <DIR> d-------- C:\Program Files\AVI Codec Pack
2008-06-16 15:44 . 2008-06-16 15:44 <DIR> d-------- C:\WINDOWS\system32\quicktime
2008-06-16 15:37 . 2008-06-16 15:37 <DIR> d-------- C:\Program Files\Codec
2008-06-14 22:43 . 2008-06-14 22:44 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-14 11:34 . 2008-06-14 11:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-12 13:13 . 2008-06-12 13:13 <DIR> d-------- C:\WINDOWS\48B8222675E34E9092CCD30F79EA6380.TMP
2008-06-12 13:12 . 2008-03-19 18:26 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-12 13:12 . 2008-03-19 18:29 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-06-12 13:11 . 2008-06-20 16:47 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-11 18:08 . 2008-06-11 18:08 <DIR> d--h----- C:\Documents and Settings\joe\Application Data\yahoo!
2008-06-10 14:50 . 2008-06-11 18:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-10 14:49 . 2008-06-11 18:10 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-08 07:26 . 2008-04-14 05:42 151,552 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-08 07:26 . 2008-04-14 05:42 151,552 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-06-08 07:26 . 2008-04-14 05:41 28,160 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-08 07:26 . 2008-04-14 05:41 28,160 --a--c--- C:\WINDOWS\system32\dllcache\irmon.dll
2008-06-08 07:26 . 2008-04-14 05:42 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-08 07:26 . 2008-04-14 05:42 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll
2008-06-08 07:14 . 2008-06-08 07:14 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-06-08 07:04 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\005151_.tmp
2008-06-08 05:02 . 2008-06-08 05:02 <DIR> d-------- C:\Program Files\Netflix
2008-05-21 21:02 . 2008-06-24 22:55 <DIR> d-------- C:\Program Files\LimeWire
2008-05-21 19:05 . 2008-05-21 19:05 37 --a------ C:\WINDOWS\Viewer.ini
2008-05-21 17:19 . 2008-05-21 17:19 <DIR> d-------- C:\SIERRA
2008-05-21 17:19 . 2008-05-21 17:19 135 --a------ C:\WINDOWS\SIERRA.IN~
2008-05-21 17:18 . 2008-05-21 17:20 202 --a------ C:\WINDOWS\SIERRA.INI
2008-05-11 00:16 . 2008-05-11 00:16 <DIR> d-------- C:\Documents and Settings\joe\Application Data\Apple Computer
2008-05-11 00:09 . 2008-05-11 00:11 <DIR> d-------- C:\Program Files\QuickTime
2008-05-11 00:08 . 2008-05-11 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-11 00:03 . 2008-05-11 00:03 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-11 00:02 . 2008-05-11 00:02 <DIR> d-------- C:\Program Files\Common Files\Apple

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 01:13 --------- d-----w C:\Documents and Settings\joe\Application Data\LimeWire
2008-06-25 21:48 --------- d-----w C:\Program Files\Common Files\AOL
2008-06-25 00:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 00:43 --------- d-----w C:\Program Files\Winamp
2008-06-24 00:35 --------- d-----w C:\Documents and Settings\joe\Application Data\Winamp
2008-06-23 21:58 --------- d-----w C:\Documents and Settings\joe\Application Data\MSN6
2008-06-10 17:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-04-14 09:55 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 09:46 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 09:43 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 09:43 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 09:43 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 09:43 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 09:41 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 09:40 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 09:40 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 09:40 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 09:40 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 05:00 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 04:57 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 04:15 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-14 04:13 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-14 04:13 12,800 ------w C:\WINDOWS\system32\spiisupd.exe
2008-04-14 04:01 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-14 04:01 2,065,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 04:00 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-14 03:45 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 03:09 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-14 03:09 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-14 03:09 187,392 ------w C:\WINDOWS\system32\xpsp1res.dll
2008-04-14 03:08 306,176 ----a-w C:\WINDOWS\system32\slbcsp.dll
2008-04-14 03:08 169,984 ----a-w C:\WINDOWS\system32\sccbase.dll
2008-04-14 03:07 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-14 03:07 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-14 02:57 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 02:56 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
2008-04-14 02:56 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-14 02:56 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-14 02:54 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
2008-04-14 02:51 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-14 02:39 4,096 ------w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 02:33 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 02:33 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 02:24 68,768 ----a-w C:\WINDOWS\system32\mmsystem.dll
2008-04-14 02:24 53,840 ----a-w C:\WINDOWS\system32\dosx.exe
2008-04-14 02:23 92,224 ----a-w C:\WINDOWS\system32\krnl386.exe
2008-04-14 02:22 3,338 ----a-w C:\WINDOWS\system32\redir.exe
2008-04-14 02:20 42,537 ----a-w C:\WINDOWS\system32\keyboard.sys
2008-04-14 02:19 35,648 ----a-w C:\WINDOWS\system32\ntio411.sys
2008-04-14 02:19 35,424 ----a-w C:\WINDOWS\system32\ntio412.sys
2008-04-14 02:19 34,560 ----a-w C:\WINDOWS\system32\ntio804.sys
2008-04-14 02:19 34,560 ----a-w C:\WINDOWS\system32\ntio404.sys
2008-04-14 02:19 33,840 ----a-w C:\WINDOWS\system32\ntio.sys
2008-04-14 02:18 1,647,616 ------w C:\WINDOWS\system32\winbrand.dll
2008-04-14 02:15 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
2008-04-14 01:56 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-14 01:53 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
2008-04-14 01:52 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 01:09 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
2008-04-12 11:41 180,224 ----a-w C:\WINDOWS\system32\xvidvfw.dll
2008-04-12 11:30 765,952 ----a-w C:\WINDOWS\system32\xvidcore.dll
2008-03-22 01:30 524,288 ----a-w C:\WINDOWS\system32\divxsm.exe
2008-03-22 01:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-22 01:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
.

((((((((((((((((((((((((((((( snapshot@2008-06-26_ 2.37.33.89 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-25 21:46:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-30 04:13:33 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-11-20 21:52:00 2,884,992 -c--a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
- 2007-11-20 21:52:00 218,496 -c--a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-06-30 04:14:22 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-06-30 04:13:46 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6b0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2008-04-12 13:17 288576 C:\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook]
C:\Program Files\outlook\outlook.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
--a------ 2001-03-23 15:57 995328 C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 00:20:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-30 0:22:58
ComboFix-quarantined-files.txt 2008-06-30 04:22:43
ComboFix2.txt 2008-06-26 06:37:57

Pre-Run: 2,576,224,256 bytes free
Post-Run: 2,618,687,488 bytes free

191 --- E O F --- 2008-05-19 23:11:55


________________________________________________________________________________
_____________________


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:37 AM, on 6/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1202650166921
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1202865603895
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://images.kodakg...647111_0_SM.jpg

--
End of file - 2960 bytes

Edited by cantstopspinning, 29 June 2008 - 10:26 PM.

  • 0

#6
koko_crunch
Posted 30 June 2008 - 07:54 AM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Looks good.
Now for some scans.

First,

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next,

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Logs required on next post
- MBAM log
- SuperAntispyware log
  • 0

#7
cantstopspinning
Posted 30 June 2008 - 08:00 PM

cantstopspinning

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I'm still having the problem after doing all this. Just a little FYI.

Malwarebytes' Anti-Malware 1.18
Database version: 872

8:04:16 PM 6/30/2008
mbam-log-6-30-2008 (20-04-15).txt

Scan type: Quick Scan
Objects scanned: 34962
Time elapsed: 20 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

___________________________________________

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/30/2008 at 09:13 PM

Application Version : 4.15.1000

Core Rules Database Version : 3494
Trace Rules Database Version: 1485

Scan type : Complete Scan
Total Scan Time : 00:52:14

Memory items scanned : 309
Memory threats detected : 0
Registry items scanned : 3644
Registry threats detected : 0
File items scanned : 26730
File threats detected : 32

Adware.Tracking Cookie
C:\Documents and Settings\joe\Cookies\joe@advertising[1].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\joe@adlegend[1].txt
C:\Documents and Settings\joe\Cookies\joe@adserver[1].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\[email protected][2].txt
C:\Documents and Settings\joe\Cookies\joe@insightexpressai[1].txt
C:\Documents and Settings\joe\Cookies\joe@2o7[1].txt
C:\Documents and Settings\joe\Cookies\joe@apmebf[2].txt
C:\Documents and Settings\joe\Cookies\[email protected][2].txt
C:\Documents and Settings\joe\Cookies\joe@trafficmp[1].txt
C:\Documents and Settings\joe\Cookies\joe@bluestreak[1].txt
C:\Documents and Settings\joe\Cookies\joe@interclick[1].txt
C:\Documents and Settings\joe\Cookies\joe@specificclick[1].txt
C:\Documents and Settings\joe\Cookies\joe@doubleclick[2].txt
C:\Documents and Settings\joe\Cookies\joe@mediaplex[1].txt
C:\Documents and Settings\joe\Cookies\joe@html[2].txt
C:\Documents and Settings\joe\Cookies\joe@media6degrees[2].txt
C:\Documents and Settings\joe\Cookies\joe@revsci[1].txt
C:\Documents and Settings\joe\Cookies\joe@gadget[2].txt
C:\Documents and Settings\joe\Cookies\joe@tacoda[1].txt
C:\Documents and Settings\joe\Cookies\joe@atwola[1].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\joe@atdmt[2].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\joe@realmedia[2].txt
C:\Documents and Settings\joe\Cookies\joe@tribalfusion[1].txt
C:\Documents and Settings\joe\Cookies\joe@zedo[1].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\[email protected][1].txt
C:\Documents and Settings\joe\Cookies\joe@casalemedia[2].txt
C:\Documents and Settings\joe\Cookies\joe@fastclick[1].txt
.mediaplex.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ad.yieldmanager.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.bluestreak.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.dynamic.media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.dynamic.media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ads-dev.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.mtvnservices.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
media.mtvnservices.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.sixapart.adbureau.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
cache.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
cache.trafficmp.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.googleadservices.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
adserving.autotrader.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
mediamgr.ugo.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.hearstugo.112.2o7.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-myspaceinc.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-myspaceinc.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.zillow.adbureau.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.network.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.upload2.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.upload2.youporn.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.videoegg.adbureau.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.adlegend.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.precisionclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.precisionclick.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
www.burstbeacon.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
www.burstnet.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ads.bridgetrack.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ads.bridgetrack.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ads.bridgetrack.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
ar.atwola.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
tremor.adbureau.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.tremor.adbureau.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
anad.tacoda.net [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-dig.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-dig.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-dig.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-dig.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.ehg-dig.hitbox.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
data.coremetrics.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.perf.overture.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Profiles\rho1xyoz.default\cookies.txt ]
.nextag.com [ C:\Documents and Settings\joe\Application Data\Mozilla\Firefox\Prof
  • 0

#8
koko_crunch
Posted 30 June 2008 - 10:54 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
I'm still not seeing any Antivirus software installed on your system.

Anti-virus is a necessity this days.
Please choose one from these free Anti-Virus softwares.

Note: Installing more than one anti-virus software can lead to system hang ups and conflicts, providing less protection, not more!.

INSTALL
Then
UPDATE


Next,

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

Close all other windows before proceeding.

Click on Start, click on Run
copy and paste the following in bold in the open window and then click OK
"%userprofile%\desktop\dss.exe" /config
This will open up DSS configuration
click on Check All
click Scan
DSS will now run again when finished
Please post back both logs that open in notepad
Main txt and extra txt

Please be sure that the logs don't get cut off.

Edited by koko_crunch, 30 June 2008 - 10:54 PM.

  • 0

#9
koko_crunch
Posted 11 July 2008 - 12:57 AM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP