Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

"Sierra Web site" on start menu. [RESOLVED]


  • This topic is locked This topic is locked

#1
Timbydude

Timbydude

    Member

  • Member
  • PipPip
  • 59 posts
I don't understand what's happening. On my start menu a couple weeks ago, I saw an Internet Explorer shortcut for "WON.net Web Site". It's on the top of my start menu and the wierd thing is that I use Firefox, not IE. Now, on my start menu, there's still an IE shortcut, but this time for "Sierra Web Site". Here's the reason I'm posting though: I'ver run Spybot, Ad-Aware, and Norton Antivirus. They're ALL clean. Although in the past, I've been unable to download progams due to the owner of the computer, I am allowed to do so now, so if you would like me to use HijackThis, please just tell me. Thank you for your help.

EDIT: Actually, upon closer inspection of the files, it seems like both of these shortcuts are related to the game: 3D Ultra Pinball: Thrillride. I know it's very old, but it is in fact installed on my computer by me. Still, do you think that Sierra still used those 3 shortcuts as spyware? The shortcuts, although I don't follow them, seem to be accessed very often (like every hour or so).

Edited by Timbydude, 03 September 2005 - 10:35 AM.

  • 0

Advertisements


#2
skate_punk_21

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
Please download HijackThis http://www.greyknigh.../HijackThis.exe - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file here. Do not fix anything in HijackThis since they may be harmless.

Further Scanning
Please run a Scan at the Following site
Panda ActiveScan

Make sure that you choose the "fix" or "clean" option when available
at the end of this scan you will be given then option to save a log from the scan -SAVE THAT LOG- and post it here

Please post a fresh HijackThis log & the Log from Panda so that we can check if your system is clean.
  • 0

#3
Timbydude

Timbydude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
By the way, last time I tried to shut down my computer, I ended up having to end "CCapp" before it shut down. I d'n't know if it's a legit program or not. In case it helps, my computer is an Alienware Area-51. Also, please let me know exactly what the files I might be deleting are, because (as you probably know) Alienwares are EXTREMELY expensive, and I don't want to have to save up for years to buy another one. With that in mind, thank you very much and here is my log.

EDIT: When I ran the Panda ActiveScan, I didn't get a chance to "fix", "clean", or save a log. It simply says "No viruses or other malicious software have been found!" Sorry if this causes any problems.

Logfile of HijackThis v1.99.1
Scan saved at 4:18:53 PM, on 9/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AlienAutopsy\TEKS_Service.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Billy\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware...mothership.aspx
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alienware...mothership.aspx
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {348FE907-249E-4C65-A838-F34A193FE1D1} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MemoryCardManager] C:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com/mothership.aspx
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.s...sa/LSSupCtl.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...sa/SymAData.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj01.righ...l/java/RntX.cab
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProductivIT Service (ProductivITService) - DynTek, Inc. - C:\Program Files\AlienAutopsy\TEKS_Service.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Edited by Timbydude, 07 September 2005 - 03:50 PM.

  • 0

#4
skate_punk_21

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

Please download ewido security suite it is a free version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

+++++++++++++++++++++++++++++++

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.

Edited by skate_punk_21, 08 September 2005 - 10:18 PM.

  • 0

#5
Timbydude

Timbydude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
I'd like to apologize, but I don't have a complete ewido log for you. I'm very cautious with my computer, and once I saw that it started deleting files, I panicked and stopped the scan halfway through. I'm very sorry. I can describe it though... :tazz:

There were 123 objects found total.
One was in the registry (Spyware.MiniBug):
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}

The rest all had the same exact path:
C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt

They all started with Spyware.Cookie...and had the following extensions (for example, Spyware.Cookie.Atdmt):
.2o7 (19 of those)
.Atdmt (2 of those)
.Tribalfusion (3 of those)
.QuestionMarket (3 of those)
.Com (8 of those)
.Centrport (2 of those)
.Hitbox (31 of those)
.Statcounter (3 of those)
.Googleadservices (3 of those)
.Fast... (by the way, the "..." is part of the file) (9 of those)
.Webtrendslive (3 of those)
.Doubleclick (3 of those)
.Coremetrics (6 of those)
.Serving-sys (5 of those)
.Adjuggler (2 of those)
.Casalemedia (9 of those)
.Esomniture (9 of those)


OK...Those are pretty accurate, and according to my calculator, I missed 2 somewhere in that list. Anyway, hope that helped, and thanks again for helping me.
  • 0

#6
skate_punk_21

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
if you would like to know the purpose of each file that will be listed from your scan, please use google. I am trying to fix your computer (though it seems alright), but in order to do that i need the scans completed.

Also as you are weary of file deletions -you may choose "ingnore" for the first detected malware item. Then at bottom right check the box labelled, "do this for all infected"

Post THAT log if possible
  • 0

#7
Timbydude

Timbydude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
First, I'd like to say I'm very sorry for giving you the handwritten log. I wasn't thinking; it was entirely my fault and I apologize. Thats said, here is my Ewido log without deleting anything:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:09:32 PM, 9/9/2005
+ Report-Checksum: 6EEC1F09

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Ignored
:mozilla.11:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Atdmt : Ignored
:mozilla.12:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.13:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.14:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.23:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Centrport : Ignored
:mozilla.24:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.25:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.26:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.27:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.28:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.29:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.30:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.31:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.32:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.33:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.34:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.35:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.36:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.37:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.2o7 : Ignored
:mozilla.63:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored
:mozilla.64:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored
:mozilla.65:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored
:mozilla.66:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored
:mozilla.80:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Ignored
:mozilla.84:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Questionmarket : Ignored
:mozilla.92:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.93:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.95:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.96:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.99:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Statcounter : Ignored
:mozilla.106:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.129:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Googleadservices : Ignored
:mozilla.135:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.136:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.137:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Fastclick : Ignored
:mozilla.138:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Fastclick : Ignored
:mozilla.165:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Doubleclick : Ignored
:mozilla.187:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Coremetrics : Ignored
:mozilla.188:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Coremetrics : Ignored
:mozilla.202:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.203:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.217:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Serving-sys : Ignored
:mozilla.228:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Adjuggler : Ignored
:mozilla.233:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.236:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.237:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.238:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Casalemedia : Ignored
:mozilla.240:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Hitbox : Ignored
:mozilla.247:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Esomniture : Ignored
:mozilla.248:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Esomniture : Ignored
:mozilla.249:C:\Documents and Settings\Billy\Application Data\Mozilla\Firefox\Profiles\6t200ybm.default\cookies.txt -> Spyware.Cookie.Esomniture : Ignored


::Report End
  • 0

#8
skate_punk_21

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts

First, I'd like to say I'm very sorry for giving you the handwritten log. I wasn't thinking; it was entirely my fault and I apologize. Thats said, here is my Ewido log without deleting anything

1: You dont have to apologize! lol I wont stop trying to help you, 2: I understand you wanting to know the specifics, :) but i do logs at too many forums, and am hard pressed for time (luckily your entries are all the same). 3: Those files are spyware cookies - received from third party sites, if you like you can run Ewido again, and safely remove all the files it comes up with :tazz:

Otherwise I'm afraid your computer is clean my good man!

Edited by skate_punk_21, 09 September 2005 - 10:09 PM.

  • 0

#9
Timbydude

Timbydude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
OK. Thanks a lot for all of your help. I greatly appreciate it. :tazz:
  • 0

#10
skate_punk_21

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP