So, i re-scanned everything useing XoftSpy, Ad-Aware, and Trend Micro. The YourSiteBar thing still kept popping up on on XoftSpy. So.. i downloaded and registered Spyware Doctor and ran a scan with that. Funny how with every different program they manage to find something all the others did not. Here is the log.
Scan Results:
scan start: 11/28/2005 7:47:40 PM
scan stop: 11/28/2005 7:53:20 PM
scanned items: 62670
found items: 46
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
ISTbar HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc High
ISTbar HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc## High
ISTbar HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc##SlowInfoCache High
ISTbar HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc##Changed High
YourSiteBar HKLM\SOFTWARE\YourSiteBar High
YourSiteBar HKLM\SOFTWARE\YourSiteBar## High
YourSiteBar HKLM\SOFTWARE\YourSiteBar##installTitle High
YourSiteBar HKLM\SOFTWARE\YourSiteBar\Historyfiles High
YourSiteBar HKLM\SOFTWARE\YourSiteBar\Historysearch2 High
Common Components Unrelated HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping##{10E42047-DEB9-4535-A118-B3F6EC39B807} Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10E42047-DEB9-4535-A118-B3F6EC39B807} Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10E42047-DEB9-4535-A118-B3F6EC39B807}\iexplore Medium
SideFind HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8} Elevated
SideFind HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}\iexplore Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@hits.clickandtrack[1].txt Medium
WinFixer 2005 C:\Documents and Settings\Jon`\Cookies\jon`@winfixer[2].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@rn11[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@adknowledge[2].txt Medium
Advertising C:\Documents and Settings\Jon`\Cookies\jon`@adopt.hbmediapro[2].txt Low
Advertising C:\Documents and Settings\Jon`\Cookies\jon`@doubleclick[1].txt Low
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@adrevolver[3].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@12373[1].txt Medium
eXact Advertising C:\Documents and Settings\Jon`\Cookies\jon`@trafficmp[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@exitexchange[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@adecn[2].txt Medium
Common Components for Claria C:\Documents and Settings\Jon`\Cookies\jon`@belnk[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@12357[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@dcs2onuxx00000c9v7mgt27p7_7c4o[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@dcszp7e1v10000omp5r9bmtnv_1o4g[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@atwola[1].txt Medium
Rogue Anti-Spyware Products C:\Documents and Settings\Jon`\Cookies\jon`@trk.pcsecurityshield[2].txt High
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@banner[1].txt Medium
Rogue Anti-Spyware Products C:\Documents and Settings\Jon`\Cookies\jon`@www.pcsecurityshield[2].txt High
Advertising C:\Documents and Settings\Jon`\Cookies\jon`@42435556[1].txt Low
WinFixer 2005 C:\Documents and Settings\Jon`\Cookies\jon`@www.winfixer[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@adrevolver[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@ads.cc214142[1].txt Medium
2nd-thought.com C:\Documents and Settings\Jon`\Cookies\jon`@as-us.falkag[1].txt Medium
Common Components for Claria C:\Documents and Settings\Jon`\Cookies\jon`@dist.belnk[2].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@microsofteup.112.2o7[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@metareward[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@zedo[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@c.enhance[1].txt Medium
Starware C:\Documents and Settings\Jon`\Cookies\jon`@starware[2].txt Low
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@stats1.reliablestats[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\Jon`\Cookies\jon`@msnportal.112.2o7[1].txt Medium
I erased all that, restarted and ran another scan with it and it was clean. Then boom another random popup out of nowhere... and my ctrl+alt+del is still broken. =(
EDIT: The "YourSiteBar" does not show up anymore when i scan with XoftSpy. Also, scanning with all the programs mentioned above all show up clean.
Edited by SSmoked, 28 November 2005 - 07:22 PM.