Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Dr. Watson Postmortem debugger problem [RESOLVED]


  • This topic is locked This topic is locked

#1
garce

garce

    New Member

  • Member
  • Pip
  • 4 posts
Hi,
Every time I right click or try to delete a file on my computer I get a Dr. Watson Postmortem debugger error message. The computer freezes and the only way to move ahead is to kill the dr watson32 process. This is happening now 100% of the time, before it seemed to be intermitent. I've tried scaning with a series of antivirus/antispyware with no luck.
I would really appreciate help with this annoying problem.

Gabriel
///
I am including the HJT log file

Logfile of HijackThis v1.99.1
Scan saved at 8:26:30 AM, on 8/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TrojanHunter 4.2\THGuard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\SYSTEM32\RAMASST.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\SYSTEM32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://di.imgag.com/...stall/AxCtp.cab
O16 - DPF: {5242A5A1-EF1E-11D5-B3EE-0050DAC5EBD0} (printQuick Browser Add In (Ver4)) - http://www.pqpc.com/...ntquick1410.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
  • 0

Advertisements


#2
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Hello and welcome to Geeks to Go! :tazz: I'm kool808 and I will be helping you today.

I am working on your log. As soon as I made a good fix for this, I will post a reply. Thank you for your patience.
  • 0

#3
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts

uninstall Trojan Hunter through add/remove programs for a moment, this consumes much of the resources and put us in a drag. We will use it later.

Right click on the Microsoft AntiSpyware icon (looks like a target) and click on Security Agents Status (Enabled) and click on Disable Real-time Protection. To re enable it, you follow the same steps but click on Enable Real-time Protection.
(NOTE: We will re-enable this later after everything is clean)


Please read through the instructions before you start (you may want to print this out).

Please download and install these programs - do NOT run them yet!!

1.) Please download and unzip
About:Buster to a folder. Inside the folder is a readme file that has instructions on the use of the program.
AboutBuster MUST be updated before you use it.
Start AboutBuster, click the update button, check for update, drag the box to the side and hit download updates, close the box . Do NOT run it yet.

2.) Please download and install AD-Aware.
Please follow these download and setup instructions, otherwise, check for updates: Ad-Aware SE Setup
Do NOT run the scan yet!

3.) Download and unzip HSfix to your desktop. HERE (It will extract a file called cwsserviceremove.reg)

4.) Please Download the stand-alone version of CoolWebShredder

Be sure to View Hidden and System Files.

For anyone using Windows XP, 'Search' will not automatically show hidden files even if your folder options settings are set to do that. Do this so you can see hidden files and folders - click HERE to download xphidden.zip. Extract xphidden.reg from the zip file and save it to the desktop. When done, double-click the xphidden.reg and when asked to merge say yes.

+++++++++++++++++++++++++++++++++++++++++++++++++

Here's the fix:

Reboot in SAFE MODE. (How to boot in Safe Mode...)

We will now fix the remaining problems with HijackThis. Please close all remaining windows, disconnect from the internet, open HijackThis then click SCAN. Please put a check on the following items listed below:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html

O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll (file missing)

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab


Make sure to double check the items you have selected, then click Fix Checked.


Through Windows Explorer, delete the following folder(s) or files(s) if they exist (in bold):
  • C:\WINDOWS\pxwma.dll
Finally, Empty Recycle Bin

Run AboutBuster . This will scan your computer for the bad files and delete them. Save the report (copy and paste into notepad or wordpad and save as a .txt file) and post a copy back here when you are done with all the steps.

In the event you get an error message then do the following:
Start > Run then paste this in the dialog box

regsvr32 C:\Windows\System32\COMCTL32.OCX


Scan with AdAware and let it remove any bad files found.

Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure these 3 are checked and then press *ok* to remove:

Temporary Files
Temporary Internet Files
Recycle Bin


Double click on the cwsserviceremove and when asked to merge say yes.

Run CW-Shredder - Hit the FIX button - let it run and fix what it finds.

Reboot into normal mode.

Download the Hoster http://www.funkytoad.com/download/hoster.zip
DO NOT run the program yet.

Unzip Host to your desktop

Open up the Host program folder then double-clicking Hoster.exe.
  • Make sure that the instruction found on the upper right corner is labeled "Your Host file is editable. Click button to right to make your Hosts file Read-only" and must be in green. Otherwise, if the label is RED click the button just right beside it to change the label and color back to GREEN.
  • Click back-up Host files
  • then click Restore orginal host files
  • close program
13. Download and run this online virus scan:
http://housecall.trendmicro.com/housecall/start_corp.asp
Make sure you check "AutoClean"
===================================================

To make sure it is perfectly clean let us have the final check.
  • Close all windows, open HijackThis then SCAN.
  • Post a NEW HijackThis Log.
  • Please tell me how your system is working now.

  • 0

#4
garce

garce

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi,
Thanks for your help. Yet problem still exists
I did all mentioned. Some comments
-HSFix unzip was called HSFix.reg
-HJT: O2 - BHO: CInter... entry was not there anymore. I dont know how dissapear
-I could not find pxwma.dll either
-Trend micro found a Virus and cleaned it. See attachment.

HJT log after this included:
Logfile of HijackThis v1.99.1
Scan saved at 11:47:03 PM, on 8/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\SYSTEM32\RAMASST.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\SYSTEM32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://di.imgag.com/...stall/AxCtp.cab
O16 - DPF: {5242A5A1-EF1E-11D5-B3EE-0050DAC5EBD0} (printQuick Browser Add In (Ver4)) - http://www.pqpc.com/...ntquick1410.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Unfortunately, problem still there. I can not right click anything or else I get the Dr. Watson Postmortem Error.

Attached Thumbnails

  • Trend_Micro_Scan_081005.jpg

  • 0

#5
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts

-HSFix unzip was called HSFix.reg
Sorry for the bad link, the site must have updated their file.

-HJT: O2 - BHO: CInter... entry was not there anymore. I dont know how dissapear
It was already removed from the registry fix of HSFix.reg. This was just a verification

-I could not find pxwma.dll either
This was just a verification that the file was really deleted.

-Trend micro found a Virus and cleaned it. See attachment.
Good work! Next time do NOT post attachments instead post the whole log normally even if it is very long.


Please download the trial version of Ewido Security Suite 3.5 here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

Reboot in safe mode, be sure to view hidden and system files:
Search for this file then delete it

C:\windows\system32\cisvc32.exe

empty the recycle bin

Run Ewido:
  • Click on scanner
  • Click Complete System Scan and the scan will begin.
  • During the scan it will prompt you to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • When the scan is finished, click the Save report button at the bottom of the screen.
  • Save the report to your desktop
Close Ewido

reboot again in NORMAL MODE.

post a new hijackthis log as well as the log from Ewido.

Lets see how this goes!
  • 0

#6
garce

garce

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Trend Micro deleted the virus and now I can not find that file in the directory anymore. I did found a file called cisvc.exe. Also before posting my problem in the forum I installed ewido (but the nagging problem was still there)
Please let me know if you still want me me to follow procedure. Thanks a lot for your help
  • 0

#7
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
cisvc.exe - http://castlecops.com/StartupList.html

cisvc32.exe - is a malware which was detected by Trend Micro


Yes follow my instructions, I need the result of the log. From there I can make the conclusion for the fix. :tazz:

can you have an online scan with Panda Scan:

Panda Scan

save the results then post it.
  • 0

#8
garce

garce

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Alright. I run ewido in safe mode. This is the log
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 8:25:03 PM, 8/12/2005
+ Report-Checksum: 56F53F11

+ Scan result:

:mozilla.28:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Commission-junction : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Commission-junction : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.315:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.363:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.385:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.393:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.495:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.521:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.525:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.526:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.528:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.530:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.532:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.537:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.539:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.541:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.544:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.568:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.591:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.614:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.623:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.624:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.629:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.630:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.646:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.650:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.651:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.661:C:\Documents and Settings\Gabriel\Application Data\Mozilla\Firefox\Profiles\rk2osdt1.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Gabriel\Cookies\gabriel@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup


::Report End

++++++++++++++++++++++++
After that I reboot in Normal and did a HJT and this is the log
Logfile of HijackThis v1.99.1
Scan saved at 8:31:27 PM, on 8/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\SYSTEM32\RAMASST.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\SYSTEM32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://di.imgag.com/...stall/AxCtp.cab
O16 - DPF: {5242A5A1-EF1E-11D5-B3EE-0050DAC5EBD0} (printQuick Browser Add In (Ver4)) - http://www.pqpc.com/...ntquick1410.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

++++++++++++++++++++++++++++++++++++++++
After that I tried Panda for around 4 times but was always crashing (closing all explorer windows half way during the process)
I note that at certain point it showed detected one spyware while it was scanning zcfgsvc.exe. I recall this process crashing in the past a lot.
Anyway I ran another HJT and this is the log:
Logfile of HijackThis v1.99.1
Scan saved at 9:44:55 PM, on 8/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\SYSTEM32\RAMASST.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\SYSTEM32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\i
  • 0

#9
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Your HJT log looks clean. How is your system running? Are there any more problems?

zcfgsvc.exe
http://www.liutiliti...ibrary/zcfgsvc/

Download and install Cleanup.

Now run CleanUp. When you click the Close button you will be prompted to reboot, agree to it.
  • 0

#10
kool808

kool808

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,690 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP