Spyware Causing Pop-Ups [CLOSED]


  • This topic is locked

#1
keeperofthekeys

Symantec has labeled two specifically: AdWare.SurfSideKick and AdWare.Look2Me. Neither Symantec nor Spy-Bot, nor Ad-Aware nor Ewido has been successful in removing the .dll files associated with both of these. I tried to remove both in safe mode, but was unsuccessful. Here are the ewido and HiJackThis reports:

Ewido:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 6:36:57 PM, 2/19/2006
+ Report-Checksum: 44D954A6

+ Scan result:

HKU\S-1-5-21-2399976121-334826968-3459486370-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39C78B50-7E98-4AA0-B007-D83114EA6E0F} -> Adware.Generic : Cleaned with backup
[740] C:\WINDOWS\system32\dOnim.dll -> Adware.Look2Me : Error during cleaning
[904] C:\WINDOWS\system32\dOnim.dll -> Adware.Look2Me : Error during cleaning
C:\cygwid.exe -> Downloader.Small.bmx : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\ccd6h1pf.Kayla\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\Cache\D536F7E6d01 -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.405:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.457:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Epilot : Cleaned with backup
:mozilla.495:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.550:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned with backup
:mozilla.551:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.552:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.554:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.556:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.563:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.588:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.610:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.611:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.620:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.621:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.629:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.647:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.708:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.711:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.714:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.728:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.729:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.730:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.731:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.732:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.733:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.734:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.750:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.751:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.752:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.753:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.754:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.761:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.763:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.764:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.765:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.766:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.767:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.768:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.769:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.770:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.771:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.772:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.773:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.774:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.775:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.776:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.777:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.778:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.779:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.780:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.781:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.782:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.783:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.784:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.785:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.786:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.787:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.788:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.789:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.797:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.798:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.802:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.807:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.808:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.818:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.828:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.829:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.830:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.831:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.832:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.833:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.834:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.855:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.913:C:\Documents and Settings\Kayla&#

#2
greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Welcome to GTG.

Where is the HijackThis log?

#3
keeperofthekeys

    New Member

  • Topic Starter
  • Member
  • 5 posts
What the...? The board ate at least half my message.

Okay, so, here's the end portion of the ewido report:

:mozilla.913:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.914:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.916:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.917:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Commission-junction : Cleaned with backup
:mozilla.926:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.962:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.964:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.973:C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\xfxkqr0h.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]2-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]2-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][bleep]you.com.22545.fb.dbbsrv[1].txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Popuptraffic : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected]-2.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Kayla\Cookies\[email protected][1].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Documents and Settings\Kayla\Local Settings\Temp\B2C4A.tmp/titno.exe -> Adware.MDH : Cleaned with backup
C:\Documents and Settings\Kayla\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Kayla\Local Settings\Temporary Internet Files\Content.IE5\SZE7IH2L\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup
C:\release.exe -> Dropper.Agent.hl : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP490\A0029927.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP490\A0030948.exe -> Adware.Suggestor : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP490\A0030984.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP490\A0030986.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP491\A0031132.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031241.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031248.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031253.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031263.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031267.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031277.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP492\A0031317.dll -> Adware.Look2Me : Cleaned with backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned with backup
C:\windows\icont.exe -> Adware.AdURL : Cleaned with backup
C:\windows\iLookup -> Adware.eZula : Cleaned with backup
C:\windows\surv3.exe -> Downloader.VB.vv : Cleaned with backup
C:\windows\system32\pre2.exe -> Dropper.Agent.hl : Cleaned with backup
C:\windows\system32\repairs302972994.dll -> Adware.SurfSide : Cleaned with backup
C:\windows\system32\titno.exe -> Adware.MDH : Cleaned with backup
C:\windows\system32\WCDMLOG.dll -> Adware.Look2Me : Cleaned with backup
C:\windows\system32\wgse.exe -> Trojan.Runner.h : Cleaned with backup
C:\windows\Temp\bw2.com -> Adware.AdURL : Cleaned with backup
C:\windows\winsysban9.exe -> Hijacker.VB.ld : Cleaned with backup
C:\windows\winsysupd9.exe -> Downloader.VB.wy : Cleaned with backup


::Report End

And now HiJackThis:

Logfile of HijackThis v1.99.1
Scan saved at 10:26:09 AM, on 2/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Kayla\Desktop\Kayla's Stuff\Downloads\HijackThis.exe
C:\WINDOWS\system32\wscntfy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pjj.cc/cst
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\system32\o4pq0e75eh.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

Okay, let's see if that works...thank you!

#4
greyknight17

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you check the last one:

O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\system32\o4pq0e75eh.dll


Restart...

Download L2MFix from one of these two locations:

http://www.atribune....oads/l2mfix.exe
http://www.downloads....org/l2mfix.exe

Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts. Then open the newly added l2mfix folder on your desktop.

Close any programs you have open since this step requires a reboot.

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing Enter, then press any key to reboot your computer. After a reboot, your desktop and icons will appear, then disappear (this is normal). L2MFix will continue to scan your computer and when it's finished, notepad will open with a log. Copy the contents of that log and paste it back into this thread, along with a new HijackThis log.

IMPORTANT: Do NOT run any other files in the l2mfix folder unless you are asked to do so!

#5
keeperofthekeys

Okay, so, I ran into several problems while doing this.

Here's the new HiJackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 12:00:31 AM, on 2/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kayla\Desktop\Kayla's Stuff\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pjj.cc/cst
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\e8200ifme82a0.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

When I attempted to remove the repairs302972994.dll file, I got an "Unknown Error" from HiJackThis.
I assume that the Winlogon Notify .dll file with the weird series of numbers is actually the second problem I'm having, and the file name just keeps changing, but I didn't want to try and fix it without confirmation from you.

That said, the L2mfix (log below) didn't go over well either. My computer displayed the error it always displays when it's trying to run some DOS file it doesn't like:

"C:\windows\system32\cmd.exe
C:\Windows\SYSTEM32\Autoexe.NT
The system file is not suitable for running MS-DOS and Microsoft Windows applications. Choose "close" to terminate the application."

Then L2mfix asked me for a password, which I did not have. It then told me to run HiJackThis to fix the O20 problem, and while it still did reboot my computer, the icons on my desktop certainly did not disappear.

L2mfix 010406
Creating Account.
The command completed successfully.

Adding Administrative privleges.
The command completed successfully.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*

zip error: Nothing to do! (backup.zip)
updating: backregs/notibac.reg (184 bytes security) (deflated 87%)

I found this website by doing a Google search for the repairs#.dll file. Are there usually this many problems trying to remove it?

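The comparison described in the post above (an O20 Winlogon Notify entry disappearing after a fix while another appears under a different name) can be automated. The following is an added example, not part of the original thread and not code from HijackThis or L2MFix; the log lines are copied from the two HijackThis logs posted above, and the `KNOWN_GOOD` set is an assumption based on the helper not asking for `NavLogon.dll` to be fixed.

```python
"""Compare the O20 autorun entries of two HijackThis logs (added example)."""
import ntpath
import re
from typing import NamedTuple


class O20Entry(NamedTuple):
    kind: str      # "AppInit_DLLs" or "Winlogon Notify"
    name: str      # Notify subkey name; empty for AppInit_DLLs
    dll: str       # DLL exactly as HijackThis logged it
    missing: bool  # True when the line ends with "(file missing)"


APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dll>.+?)\s*$")
NOTIFY_RE = re.compile(
    r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<dll>.+?)"
    r"(?P<missing> \(file missing\))?\s*$"
)


def parse_o20(log_text):
    """Return the O20 entries of one HijackThis log, in log order."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = APPINIT_RE.match(line)
        if m:
            entries.append(O20Entry("AppInit_DLLs", "", m.group("dll"), False))
            continue
        m = NOTIFY_RE.match(line)
        if m:
            entries.append(O20Entry("Winlogon Notify", m.group("name"),
                                    m.group("dll"), bool(m.group("missing"))))
    return entries


def _key(entry):
    # Windows paths are case-insensitive, so compare on lower-cased names.
    return (entry.kind, entry.name.lower(), ntpath.basename(entry.dll).lower())


def diff_o20(before, after):
    """Split entries into persisted, removed and added between two scans."""
    b = {_key(e): e for e in before}
    a = {_key(e): e for e in after}
    return {
        "persisted": [a[k] for k in a if k in b],
        "removed": [b[k] for k in b if k not in a],
        "added": [a[k] for k in a if k not in b],
    }


def review(before_log, after_log, known_good):
    """List O20 entries worth a second look after a fix-and-reboot cycle."""
    d = diff_o20(parse_o20(before_log), parse_o20(after_log))
    findings = []
    for status, bucket in (("still-present", "persisted"),
                           ("new-since-last-scan", "added")):
        for e in d[bucket]:
            if ntpath.basename(e.dll).lower() not in known_good:
                findings.append((status, e))
    return findings


# O20 lines copied from the 2/20/2006 and 2/23/2006 logs in this thread.
SCAN_FEB20 = r"""
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\system32\o4pq0e75eh.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
"""
SCAN_FEB23 = r"""
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\e8200ifme82a0.dll
"""

# Assumption: NavLogon.dll is treated as expected on this machine because the
# helper's fix list in the thread did not include it.
KNOWN_GOOD = frozenset({"navlogon.dll"})

if __name__ == "__main__":
    for status, entry in review(SCAN_FEB20, SCAN_FEB23, KNOWN_GOOD):
        label = entry.name or entry.kind
        print(f"{status:20} {label:18} {entry.dll}")
```
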
#6
greyknight17

No problem...

Run L2MFix again. Choose the option that mentions the autoexec.nt file. That should get rid of that error. Then run l2mfix #2 and restart...Post the log here along with another new HijackThis log.

#7
keeperofthekeys

Duh, I should have seen that.

I believe L2MFix fixed half our problem. Look2Me seems on the kaput side of things. Here's the new HiJackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 11:20:28 PM, on 2/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kayla\Desktop\Kayla's Stuff\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pjj.cc/cst
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - AppInit_DLLs: repairs302972994.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\lvns0957e.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


And the L2MFix log:

L2mfix 010406
Creating Account.
The command completed successfully.

Adding Administrative privleges.
The command completed successfully.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 600 'smss.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 700 'winlogon.exe'
Killing PID 700 'winlogon.exe'
Killing PID 700 'winlogon.exe'
Killing PID 700 'winlogon.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 2788 'explorer.exe'
Killing PID 2788 'explorer.exe'
Killing PID 2788 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 2472 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrators ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
1 file(s) copied.
1 file(s) copied.
1 file(s) copied.
Deleting: C:\WINDOWS\system32\fpp8037ue.dll
Successfully Deleted: C:\WINDOWS\system32\fpp8037ue.dll
Deleting: C:\WINDOWS\system32\lvns0957e.dll
Successfully Deleted: C:\WINDOWS\system32\lvns0957e.dll
Deleting: C:\WINDOWS\system32\mcxml3.dll
Successfully Deleted: C:\WINDOWS\system32\mcxml3.dll

msg11?.dll
0 file(s) copied.



Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
"Logoff"="NavLogoffEvent"
"DllName"="C:\\WINDOWS\\system32\\NavLogon.dll"
"StartShell"="NavStartShellEvent"
"LoginDomain"="EQUINOX"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Shell Extensions]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\lvns0957e.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


The following are the files found:
****************************************************************************
C:\WINDOWS\system32\fpp8037ue.dll
C:\WINDOWS\system32\lvns0957e.dll
C:\WINDOWS\system32\mcxml3.dll

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{63BD4E2A-E35F-4602-A315-18E2A809365A}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63BD4E2A-E35F-4602-A315-18E2A809365A}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63BD4E2A-E35F-4602-A315-18E2A809365A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63BD4E2A-E35F-4602-A315-18E2A809365A}\InprocServer32]
@="C:\\WINDOWS\\system32\\mcxml3.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1944FB39-D042-4D75-8FD4-2895A444B448}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1944FB39-D042-4D75-8FD4-2895A444B448}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1944FB39-D042-4D75-8FD4-2895A444B448}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1944FB39-D042-4D75-8FD4-2895A444B448}\InprocServer32]
@="C:\\WINDOWS\\system32\\ajsldp.dll"
"ThreadingModel"="Apartment"

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{63BD4E2A-E35F-4602-A315-18E2A809365A}"=-
"{1944FB39-D042-4D75-8FD4-2895A444B448}"=-
[-HKEY_CLASSES_ROOT\CLSID\{63BD4E2A-E35F-4602-A315-18E2A809365A}]
[-HKEY_CLASSES_ROOT\CLSID\{1944FB39-D042-4D75-8FD4-2895A444B448}]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
adding: dlls/fpp8037ue.dll (184 bytes security) (deflated 5%)
adding: dlls/lvns0957e.dll (184 bytes security) (deflated 4%)
adding: dlls/mcxml3.dll (184 bytes security) (deflated 4%)
adding: backregs/1944FB39-D042-4D75-8FD4-2895A444B448.reg (188 bytes security) (deflated 70%)
adding: backregs/63BD4E2A-E35F-4602-A315-18E2A809365A.reg (188 bytes security) (deflated 70%)
adding: backregs/notibac.reg (184 bytes security) (deflated 87%)
adding: backregs/shell.reg (184 bytes security) (deflated 73%)



HiJackThis still won't remove the repairs.dll file. I've been searching the internets for solutions, and there aren't many. A few suggested to run this file from the start menu:

"C:\Program Files\SurfSideKick 3\Ssk.exe" /u

But the file could be found, which didn't surprise me...I believe my anti-virus (Symantec) managed to get rid of that file early on.

In good news, however, I have yet to receive any pop-ups since the reboot...

#8
greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-


Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.


Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you check the last one:

O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\lvns0957e.dll (file missing)

Locate the following Files/Folders and delete them if they exist (if no location given, just do a search for them):

repairs302972994.dll

If it's giving you problems deleting, use KillBox to delete it:

Download KillBox http://www.greyknigh...spy/KillBox.exe. Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. Right click and copy the below lines. Go back to KillBox. Go to File->Paste from Clipboard and then hit the button with a red circle and white X. Confirm to delete and when asked if you want to reboot, say Yes:

c:\windows\system32\repairs302972994.dll

If you get a PendingOperations message, just close it and restart your computer manually.

Restart and see if that O20 entry returns anymore...it shouldn't.

If all is well, then:

Your log is clean.

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools provided.

Are there any problems now? If not, you should be set to go.
  • 0
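The L2MFix output above lists each Winlogon Notify subkey with its DllName, some as plain strings and some as hex(2) (REG_EXPAND_SZ, UTF-16LE) data. The following is an added example, not part of the original posts or of L2MFix: it parses a regedit export, decodes both forms, and reports Notify DLLs outside a baseline. The function names, the baseline set (assumed stock Windows XP packages) and the sample text are assumptions made for this illustration.

```python
import re

# Assumed baseline: stock Windows XP Winlogon notification packages.
BASELINE = {"crypt32.dll", "cryptnet.dll", "cscdll.dll", "wlnotify.dll", "sclgntfy.dll"}

# Constructed sample in regedit export format, modelled on the Notify keys in the log above.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Shell Extensions]
"DllName"="C:\\WINDOWS\\system32\\lvns0957e.dll"
"Logon"="WinLogon"
'''

def decode_value(raw):
    """Decode a REG_SZ ("...") or REG_EXPAND_SZ (hex(2):...) value to text."""
    raw = raw.strip()
    if raw.lower().startswith("hex(2):"):
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b.strip())
        return data.decode("utf-16-le").rstrip("\x00")
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1].replace("\\\\", "\\").replace('\\"', '"')
    return raw

def notify_dlls(reg_text):
    """Return {subkey name: DLL path} for every Winlogon Notify subkey."""
    text = re.sub(r"\\\r?\n\s*", "", reg_text)  # join hex continuation lines
    found, subkey = {}, None
    for line in text.splitlines():
        m = re.match(r"\[(.+)\]$", line.strip())
        if m:
            parts = m.group(1).split("\\")
            is_notify = len(parts) > 1 and parts[-2].lower() == "notify"
            subkey = parts[-1] if is_notify else None
            continue
        m = re.match(r'"([^"]+)"=(.*)$', line.strip())
        if m and subkey and m.group(1).lower() == "dllname":  # DllName / DLLName
            found[subkey] = decode_value(m.group(2))
    return found

def unexpected(found, baseline=BASELINE):
    """Subkeys whose DLL file name is not in the baseline; these need review."""
    return {k: v for k, v in found.items()
            if v.replace("/", "\\").split("\\")[-1].lower() not in baseline}
```

Run against a full export, legitimate third-party packages such as the NavLogon.dll entry in this thread are also reported, so the output is a review list rather than a verdict.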

#9
keeperofthekeys

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Sorry for the lack of reply--midterms have been keeping me busy.

Last night I booted up IE, because sometimes I have problems viewing Comedy Central's videos in Mozilla, and the surfsidekick spyware was able to reinstall the .exe file. This meant that I was able to run the uninstaller. I ran HiJackThis and it looks like the file cleaned itself out:

Logfile of HijackThis v1.99.1
Scan saved at 9:28:27 AM, on 2/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kayla\Desktop\Kayla's Stuff\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pjj.cc/cst
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

Do I still need to run the regedit, or am I good to go now?

#10
greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Yes, run through the steps because I saw some entries there before that need to be removed. Once that's done you should be clear to go :tazz:

#11
greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





