Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Web Nexus Adware Removal and Others


  • Please log in to reply

#1
II Rubio II

II Rubio II

    New Member

  • Member
  • Pip
  • 2 posts
So I stopped using IE about 8 months ago but somehow or another lately I have been getting pop-ups from Web Nexus Network. At the bottom it tells you to "click here" to uninstall, but I don't trust it. I ran hijack this and here is my log.... Any help at this point would be greatly appreciated...........


Logfile of HijackThis v1.99.1
Scan saved at 10:13:52 PM, on 9/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Mouse\Amoumain.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\YCDADLL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
C:\WINDOWS\System32\dskscard.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\aim\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bellsouth.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/...://my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Boomer Sooner
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\aim\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ihhickjg] C:\WINDOWS\apyjyosd.exe
O4 - HKLM\..\Run: [liosuxr] c:\windows\system32\liosuxr.exe
O4 - HKLM\..\Run: [YCDADLL] C:\WINDOWS\YCDADLL.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sys10-859468156] C:\WINDOWS\sys10-859468156.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msdioo.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [d92j94by] C:\Program Files\d92j94by\d92j94by.exe
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [stmzmjgj] C:\WINDOWS\stmzmjgj.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINDOWS\SysCheckBop32
O4 - HKLM\..\Run: [vgb] C:\WINDOWS\vgb.exe
O4 - HKLM\..\Run: [Jraixu] C:\Program Files\Wkiu\Vvadq.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [2stS3Fh] dsutsdk.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\dudrug.exe reg_run
O4 - HKCU\..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [JB22RPNFS] dskscard.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Boost XP Service] C:\Program Files\Boost XP\bxservice.exe
O4 - HKCU\..\Run: [sf] C:\Program Files\sf\sf.exe
O4 - HKCU\..\Run: [sfita] C:\WINDOWS\sfita.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Atomica... - file:C:\PROGRA~1\Atomica\ATOMIC~1\Html\griemenu.htm
O8 - Extra context menu item: Backward Links - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra 'Tools' menuitem: Java - {9E248641-0E24-4DDB-9A1F-705087832AD6} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.bellsouth.net
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Yahoo! Canasta - http://download.game...nts/y/yt1_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potc_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.co...iliate=MEDIAGEN
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1097539418218
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9387B9E0-3DA2-436E-88E5-FA09AE3A48C0} (pup.setup) - http://www.lazychest...0014/ph/pup.CAB
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://131.94.13.20/...t/TLIEFlash.CAB
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c...ymmapi_0727.dll
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfi...ll/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows VisFx Components - Unknown owner - C:\WINDOWS\xccwsvc.exe (file missing)

Attached Files


  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Download and unzip BFUzip from http://computercops..../Merijn/bfu.zip
Run the program and click the Web button as shown here:
Posted Image

Use this URL to copy into the address bar of the Download script window:
http://metallica.geekstogo.com/qoologic.bfu

Execute the script by clicking the Execute button.

If you have any questions about the use of BFU please read here:
http://metallica.gee...structions.html


Please download ewido security suite it is a free version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
  • Exit ewido. DO NOT scan yet.
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Now open ewido and do a scan of your system.
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Now scan with HJT and place a checkmark next to each of the following items:

R3 - URLSearchHook: (no name) - _{8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)

O4 - HKLM\..\Run: [ihhickjg] C:\WINDOWS\apyjyosd.exe
O4 - HKLM\..\Run: [liosuxr] c:\windows\system32\liosuxr.exe
O4 - HKLM\..\Run: [YCDADLL] C:\WINDOWS\YCDADLL.EXE

O4 - HKLM\..\Run: [sys10-859468156] C:\WINDOWS\sys10-859468156.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msdioo.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [d92j94by] C:\Program Files\d92j94by\d92j94by.exe
O4 - HKLM\..\Run: [BMan] C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [stmzmjgj] C:\WINDOWS\stmzmjgj.exe
O4 - HKLM\..\Run: [SystemCheck] C:\WINDOWS\SysCheckBop32
O4 - HKLM\..\Run: [vgb] C:\WINDOWS\vgb.exe
O4 - HKLM\..\Run: [Jraixu] C:\Program Files\Wkiu\Vvadq.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1

O4 - HKLM\..\Run: [2stS3Fh] dsutsdk.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\dudrug.exe reg_run

O4 - HKCU\..\Run: [JB22RPNFS] dskscard.exe

O4 - HKCU\..\Run: [sf] C:\Program Files\sf\sf.exe
O4 - HKCU\..\Run: [sfita] C:\WINDOWS\sfita.exe

O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)

O16 - DPF: {9387B9E0-3DA2-436E-88E5-FA09AE3A48C0} (pup.setup) - http://www.lazychest...0014/ph/pup.CAB

O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -


Close all open windows except for HJT, then click the Fix Checked button. Close HJT.

Reboot and post both the Ewido log and a new HijackThis log.

Regards,
  • 0

#3
II Rubio II

II Rubio II

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Metallica,

Thanks for all the help. Below you'll find the hijack this log as well as the ewido log as you requested. It seems like the problem has been fixed, but your expert opnion would be greatly appreciated.

[B] HIJACK THIS LOG

Logfile of HijackThis v1.99.1
Scan saved at 8:13:11 PM, on 9/27/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Mouse\Amoumain.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\YCDADLL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\aim\aim.exe
C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
C:\Program Files\BigFix\BigFix.exe
C:\Palm\HOTSYNC.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rtrp.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bellsouth.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/...://my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Boomer Sooner
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\aim\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [YCDADLL] C:\WINDOWS\YCDADLL.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sys10-859468156] C:\WINDOWS\sys10-859468156.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msdioo.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\dudrug.exe reg_run
O4 - HKCU\..\Run: [AIM] C:\Program Files\aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\Ahead\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Boost XP Service] C:\Program Files\Boost XP\bxservice.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: rtrp.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Atomica... - file:C:\PROGRA~1\Atomica\ATOMIC~1\Html\griemenu.htm
O8 - Extra context menu item: Backward Links - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.bellsouth.net
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: Yahoo! Canasta - http://download.game...nts/y/yt1_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot2_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potc_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.co...iliate=MEDIAGEN
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1097539418218
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.googl...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://131.94.13.20/...t/TLIEFlash.CAB
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c...ymmapi_0727.dll
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfi...ll/gtdownls.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows VisFx Components - Unknown owner - C:\WINDOWS\xccwsvc.exe (file missing)

[B]EWIDO LOG

ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:22:36 AM, 9/27/2005
+ Report-Checksum: 2C0DE508

+ Scan result:

HKLM\SOFTWARE\Classes\AppID\{0DC5CD7C-F653-4417-AA43-D457BE3A9622} -> Spyware.BookedSpace : Cleaned with backup
HKLM\SOFTWARE\Classes\AtBHO.AtBHOObj\CLSID\\ -> Spyware.Atomica : Cleaned with backup
HKLM\SOFTWARE\Classes\AtBHO.AtBHOObj.1\CLSID\\ -> Spyware.Atomica : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\\ -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} -> Spyware.MySearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3392BD0A-A851-4AA4-86E0-4651006F9EA8} -> Spyware.Atomica : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094} -> Spyware.HuntBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.NetNucleus : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5AB638F-D76C-415B-A8F2-F3CEAC502212} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C0EF89EE-EEC7-4535-A041-F1EBF79560A7} -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C0EF89EE-EEC7-4535-A041-F1EBF79560A7}\TypeLib\\ -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E004800A-73C6-4587-B855-98D0CE0C16B1} -> Spyware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA} -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{BC333116-6EA1-40A1-9D07-ECB192DB8CEA}\ProxyStubClsid32\\ -> Spyware.AproposMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Spyware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{52CACFDF-9170-46A9-AE2E-E594D324C72A} -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute\CLSID -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute\CLSID\\ -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute\CurVer -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute.1 -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Classes\WEBInstaller.CExecute.1\CLSID\\ -> Spyware.CashBack : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate -> Spyware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate\Active -> Spyware.BrowserAid : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\picsvr -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2 -> Spyware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick2\Internet Explorer -> Spyware.SurfSide : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT -> Spyware.NaviSearch : Cleaned with backup
HKLM\SYSTEM\CurrentControlSet\Services\ZESOFT\Enum -> Spyware.NaviSearch : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C109664B-CEB1-420B-B353-D55A561536DD} -> Spyware.AdShooter : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\Mvu -> Spyware.Delfin : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\picsvr -> Spyware.Delfin : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\WinUpdt -> Spyware.SecondThought : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg\eeennn -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg\kkws -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg\ppops -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg\ssites -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg2 -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg2\ppops -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg2\ssites -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\_rtneg3 -> Spyware.Begin2Search : Cleaned with backup
HKU\S-1-5-21-598665437-3683679437-3020190987-1008\Software\{12EE7A5E-0674-42f9-A76B-000000004D00} -> Spyware.BrowserAid : Cleaned with backup
[1680] C:\WINDOWS\System32\klkrl.dll -> TrojanDownloader.Qoologic.ac : Cleaned with backup
[27964] C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll -> Spyware.MyWebSearch : Cleaned with backup
C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe -> Spyware.Searcher : Cleaned with backup
C:\Documents and Settings\All Users\TopSearch.dll -> Spyware.Altnet : Cleaned with backup
C:\Documents and Settings\Gloria\Local Settings\Temporary Internet Files\Content.IE5\ALBS9OFQ\exitpop[1].htm -> Trojan.NoClose.i : Cleaned with backup
C:\Documents and Settings\Gloria\Local Settings\Temporary Internet Files\Content.IE5\OBQHWBEZ\exitpop[1].htm -> Trojan.NoClose.i : Cleaned with backup
C:\Documents and Settings\John\Cookies\john@sales.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\John\Cookies\john@y-1shz2prbmdj6wvny-1sez2pra2dj6wjnysodzokqqwdj6x9ny-1seq-2-2.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\John\Local Settings\Temp\TBPS.exe -> Spyware.WebSearch : Cleaned with backup
C:\Documents and Settings\John\Local Settings\Temp\toolbar.dll -> Spyware.WebSearch : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
-> : Error during cleaning
:mozilla.96:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
-> : Error during cleaning
:mozilla.109:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.272:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.544:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.545:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.549:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.550:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.585:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Ad-logics : Cleaned with backup
:mozilla.591:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.592:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.593:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.594:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.627:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.641:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.644:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.651:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.656:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.657:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.663:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.669:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.671:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.715:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.723:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.724:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.729:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.738:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.751:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.772:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.775:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.776:C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hbv7s3nu.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Larry\Application Data\Mozilla\Profiles\default\7cip7snv.slt\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\Larry\Application Data\Webroot\Spy Sweeper\Backup\Startup\rtrp.exe.bak -> TrojanDownloader.Qoologic.n : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@citi.bridgetrack[2].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Larry\Cookies\larry@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documen

Attached Files


  • 0

#4
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Still some cr@p on board, but much better. :tazz:

Check the following items in HijackThis.
Close all windows except HijackThis and click Fix checked:

O4 - HKLM\..\Run: [YCDADLL] C:\WINDOWS\YCDADLL.EXE

O4 - HKLM\..\Run: [sys10-859468156] C:\WINDOWS\sys10-859468156.exe
O4 - HKLM\..\Run: [msmc] C:\WINDOWS\System32\msdioo.exe

O4 - HKLM\..\Run: [winsync] C:\WINDOWS\System32\dudrug.exe reg_run

O4 - Global Startup: rtrp.exe

Reboot into safe mode and run another Ewido scan.

When you are done see if this file is still present:
C:\WINDOWS\sys10-859468156.exe
If it survived this massacre I'd like to have a look at it.

Boot back to normal and post a new log.

Regards,
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP