Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Keep getting unauthorized shortcuts on my desktop [RESOLVED]

Started by vjgkam , Sep 22 2006 02:25 PM

  • This topic is locked This topic is locked

#1
vjgkam
Posted 22 September 2006 - 02:25 PM

vjgkam

    Member

  • Member
  • PipPip
  • 16 posts
I keep getting "Shortcut Test" and "Test 2" shortcuts on my desktop and startup menu. I have no idea what these are. When they show up, in very short time I'll get a small popup window in the upper left corner of my desktop. The pop up window looks like a portion of a full window and is usually adult in nature and there is no way to click out of it. I have to reboot to get rid of it, but within a few minutes those shortcuts reappear. I switched from IE to Firefox and it helped for a while, but there back now stronger than ever. I delete them and they reappear within minutes now.
My hijackthis log is as follows. Can anyone PLEASE help!!!??? I know...it's a friggin mess....

Logfile of HijackThis v1.99.1
Scan saved at 4:20:44 PM, on 9/22/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\system32\ibmpmsvc.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\System32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\winnt\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
C:\winnt\system32\MsPMSPSv.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\winnt\system32\tp4mon.exe
C:\winnt\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\winnt\AGRSMMSG.exe
C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
C:\Program Files\j2 Messenger 4.0\J2GTray.exe
C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
C:\Program Files\Verizon Online\SupportCenter\bin\mpbtn.exe
C:\WINNT\System32\mshta.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\WinZip\WINZIP32.EXE
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mcall.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\winnt\system32\Userinit.exe
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MediaCodec.BHO - {525A7CE1-5FD4-4FC7-A333-27D3754DB57C} - C:\WINNT\Downloaded Program Files\MediaCodec.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\winnt\system32\msdxm.ocx
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Memory Function] C:\winnt\system32\mfc.exe
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [P2P Networking] C:\winnt\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [PSU_Playbook] C:\Documents and Settings\snyders.WICK\Local Settings\Temporary Internet Files\Content.IE5\I35UJIJ5\PlaybookNews[1].exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [IM] C:\program files\earthlinkim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - Startup: FriendFinder Messenger.lnk = C:\Program Files\FriendFinder Messenger\FriendFinder Messenger.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: j2 DllCmd 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: j2 Tray Menu 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech Harmony Remote.lnk = C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
O4 - Global Startup: Verizon Online Dialer.lnk = C:\Program Files\Verizon Online\WinPoET\Verizon Online.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Button Test - {20340348-8448-47f8-ae16-796747b6605c} - C:\winnt\system32\Microsoft\Extension\20340348-8448-47f8-ae16-796747b6605c.htm
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://software.nocusnetworks.com
O16 - DPF: DigiChat Applet - http://host16.digich...s/Client_IE.cab
O16 - DPF: NetCharts - https://cpgn.infores...ses/install.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.co...?affiliate=wtlv
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.co...ysb_regular.cab
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {62FB8678-5EAD-4D27-A639-415D9F0B668F} (MediaCodec.Install) - http://software.nocu.../mediacodec.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1123704351652
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.14...tiveXImgCtl.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1144593592992
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direc.../dpcsysinfo.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://143.166.224.1...t/TLIEFlash.CAB
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com...tiveXWebCam.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildt...ion/install.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BCD5A227-8720-497B-AF5F-4403E94342E3} (CDDM Object) - https://netservices..../DSLControl.cab
O16 - DPF: {C32F59BF-180B-416A-ABF7-161060990A88} - http://download.veri...pdate_1-0-0.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzill...ller/dwnldr.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15016/CTPID.cab
O23 - Service: Sophos AutoUpdate Service (ActiveLinkClient) - Unknown owner - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\winnt\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\winnt\system32\CTSvcCDA.EXE
O23 - Service: Client Access Express Remote Command (Cwbrxd) - IBM Corporation - C:\WINNT\CWBRXD.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\winnt\system32\ibmpmsvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\winnt\system32\mousebm.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
  • 0

Advertisements

#2
vjgkam
Posted 22 September 2006 - 07:18 PM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
aaargh, I thought I could find some help here....
  • 0

#3
Flrman1
Posted 22 September 2006 - 07:55 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Hi vjgkam

Welcome to GTG! :whistling:

Please have some patience. This forum is staffed by all volunteers. It is not unusual to have to wait quite some time for help. This is particularly true on the weekends. This is a very busy forum and most of the time there are a lot more people that need help than we have the staff available to get to them all quickly. I will be glad to help you and I will followup as quickly as I can. All as I ask is that you realize that this is not Live support and you may have to wait.

Edited by Flrman1, 22 September 2006 - 07:58 PM.

  • 0

#4
Flrman1
Posted 22 September 2006 - 07:57 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Download the trial version of Ewido Security Suite here.
  • Click on the "Download Now" button and save the setup file to your desktop.
  • Doubleclick on the ewido-setup file to begin the installation.
  • When the installation is complete, open ewido and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • When the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
  • If you cannot download the updates, update manuallly according to the directions here.
  • DO NOT run a scan yet. You will do that later in safe mode.
* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Run ewido:
  • Launch ewido by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • ewido will now begin the scanning process, be patient it may take a while for the scan to complete.
  • When the scan is complete, you must select an action.
  • Select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen
  • Save the report as a text file and save it to your desktop.
  • Close ewido.
* Restart back into Windows normally now.


* Run ActiveScan online virus scan here

When the scan is finished, click on the "Save Report" button an save the results of the scan to your desktop.

Note: You have to use Internet Explorer to do the online scan.

Post a new HiJackThis log along with the results from ActiveScan and the ewido scan.

* Also open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
  • 0

#5
vjgkam
Posted 23 September 2006 - 09:54 AM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Flrman1,
Thank you VERY much for the instructions anjd your willingness to help.
I apologize for my lack of patience. It's just driving me nuts!
I downloaded Ewido, chaged the settings per your instructions, and re-booted succefully in safe mode.
I could not launch Ewido in safe mode however...
I would double click and get the hourglass, then the hourglass would dissapear, and nothing would happen.
Any thoughts???
V
  • 0

#6
Flrman1
Posted 23 September 2006 - 06:42 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Try this for now, we'll get back to ewido later.

* Go here and do the BitDefender online virus scan.
  • Click "I Agree" to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click "Click here to scan" to begin the scan.
  • Please refrain from using the computer until the scan is finished.
  • When the scan is finished, click on "Click here to export the scan results"
  • Save the report to your desktop then come back here and attach it to your next reply along with a new Hijack This log..
Note: You have to use Internet Explorer to do the online scan.

* Also open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
  • 0

#7
vjgkam
Posted 24 September 2006 - 07:06 AM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Ok,
Thanks for hanging int here with me. Here is the BitDefender report followed by a new HijackThis log:

BitDefender Online Scanner

BitDefender Online Scanner
Scan report generated at: Sat, Sep 23, 2006 - 22:40:27

Scan path: C:\;D:\;

Statistics
Time 01:37:10
Files 306946
Folders 3902
Boot Sectors 2
Archives 12107
Packed Files 20766

Results
Identified Viruses 14
Infected Files 14
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 21

Engines Info
Virus Definitions 455617
Engine build AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins 13
Archive plugins 38
Unpack plugins 6
E-mail plugins 6
System plugins 1

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File Status
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\bolae9.dll.bac_a02236=>(Quarantine-4) Infected with: Trojan.Downloader.Rameh.B
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\bolae9.dll.bac_a02236=>(Quarantine-4) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\cln1ED4.tmp.bac_a02236=>(Quarantine-4) Infected with: Trojan.Downloader.Dyfuca.3
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\cln1ED4.tmp.bac_a02236=>(Quarantine-4) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\cln1ED4.tmp.bac_a02236=>(Quarantine-4) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\enhupdt.exe.bac_a02236=>(Quarantine-4) Infected with: Trojan.Downloader.Intexp.C
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\enhupdt.exe.bac_a02236=>(Quarantine-4) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\enhupdt.exe.bac_a02236=>(Quarantine-4) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\PerfectNavUninstall.exe.bac_a02236=>(Quarantine-4) Infected with: Trojan.Downloader.Keenval.E
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\PerfectNavUninstall.exe.bac_a02236=>(Quarantine-4) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\PerfectNavUninstall.exe.bac_a02236=>(Quarantine-4) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\pmt.exe.bac_a02236=>(Quarantine-4) Infected with: Trojan.Downloader.3945.A
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\pmt.exe.bac_a02236=>(Quarantine-4) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\pmt.exe.bac_a02236=>(Quarantine-4) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>twaintec.dll Infected with: Trojan.Bispy.B
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>twaintec.dll Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>twaintec.dll Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4) Update failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>preInsTT.exe Detected with: Adware.Serchentrix.A
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>preInsTT.exe Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>preInsTT.exe Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4) Update failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>polall1m.exe=>(CExe r)=>(MS-Compress 5) Infected with: Trojan.Downloader.Agent.AE
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>polall1m.exe=>(CExe r)=>(MS-Compress 5) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>polall1m.exe=>(CExe r)=>(MS-Compress 5) Deleted
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\temp.fr7511.bac_a02236=>(Quarantine-4)=>polall1m.exe Update failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\w32tx.exe.bac_a02236=>(Quarantine-4) Detected with: Application.NTSniff.110
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\w32tx.exe.bac_a02236=>(Quarantine-4) Disinfection failed
C:\Documents and Settings\snyders.WICK\.housecall\Quarantine\w32tx.exe.bac_a02236=>(Quarantine-4) Deleted
C:\Program Files\Kazaa\My Shared Folder\kmd210_en.exe=>(CAB Sfx o)=>\Disk1\data2.cab=>(IShield Module 2)=>(ZIP Sfx s)=>cd_htm.dll Detected with: Adware.CyDoor
C:\Program Files\Kazaa\My Shared Folder\kmd210_en.exe=>(CAB Sfx o)=>\Disk1\data2.cab=>(IShield Module 2)=>(ZIP Sfx s)=>cd_htm.dll Disinfection failed
C:\Program Files\Kazaa\My Shared Folder\kmd210_en.exe=>(CAB Sfx o)=>\Disk1\data2.cab=>(IShield Module 2)=>(ZIP Sfx s)=>cd_htm.dll Deleted
C:\Program Files\Kazaa\My Shared Folder\kmd210_en.exe=>(CAB Sfx o)=>\Disk1\data2.cab=>(IShield Module 2)=>(ZIP Sfx s) Updated
C:\Program Files\Kazaa\My Shared Folder\kmd210_en.exe=>(CAB Sfx o)=>\Disk1\data2.cab=>(IShield Module 2) Update failed
C:\Program Files\MP3 to WAV Decoder\m3_bbi6009.exe=>(NSIS o)=>zlib_nsis0002 Infected with: Trojan.Bargains.B
C:\Program Files\MP3 to WAV Decoder\m3_bbi6009.exe=>(NSIS o)=>zlib_nsis0002 Disinfection failed
C:\Program Files\MP3 to WAV Decoder\m3_bbi6009.exe=>(NSIS o)=>zlib_nsis0002 Deleted
C:\Program Files\MP3 to WAV Decoder\m3_bbi6009.exe=>(NSIS o) Update failed
C:\WINNT\Downloaded Program Files\ysbactivex.dll Infected with: Generic.Istbar.613D71C1
C:\WINNT\Downloaded Program Files\ysbactivex.dll Disinfection failed
C:\WINNT\Downloaded Program Files\ysbactivex.dll Deleted
C:\WINNT\system32\delttsul.exe Infected with: Dropped:[email protected]
C:\WINNT\system32\delttsul.exe Disinfection failed
C:\WINNT\system32\delttsul.exe Deleted
C:\WINNT\system32\mui\0009\temp\user\db\svchost.exe Infected with: Backdoor.Servu.BX
C:\WINNT\system32\mui\0009\temp\user\db\svchost.exe Disinfection failed
C:\WINNT\system32\mui\0009\temp\user\db\svchost.exe Deleted



Logfile of HijackThis v1.99.1
Scan saved at 8:58:27 AM, on 9/24/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\system32\ibmpmsvc.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\System32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\winnt\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
C:\winnt\system32\MsPMSPSv.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\winnt\system32\tp4mon.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\winnt\AGRSMMSG.exe
C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
C:\Program Files\j2 Messenger 4.0\J2GTray.exe
C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
C:\Program Files\Verizon Online\SupportCenter\bin\mpbtn.exe
C:\winnt\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\System32\mshta.exe
C:\winnt\notepad.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mcall.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\winnt\system32\Userinit.exe
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MediaCodec.BHO - {525A7CE1-5FD4-4FC7-A333-27D3754DB57C} - C:\WINNT\Downloaded Program Files\MediaCodec.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\winnt\system32\msdxm.ocx
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Memory Function] C:\winnt\system32\mfc.exe
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [P2P Networking] C:\winnt\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [PSU_Playbook] C:\Documents and Settings\snyders.WICK\Local Settings\Temporary Internet Files\Content.IE5\I35UJIJ5\PlaybookNews[1].exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [IM] C:\program files\earthlinkim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - Startup: FriendFinder Messenger.lnk = C:\Program Files\FriendFinder Messenger\FriendFinder Messenger.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: j2 DllCmd 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: j2 Tray Menu 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech Harmony Remote.lnk = C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
O4 - Global Startup: Verizon Online Dialer.lnk = C:\Program Files\Verizon Online\WinPoET\Verizon Online.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Button Test - {20340348-8448-47f8-ae16-796747b6605c} - C:\winnt\system32\Microsoft\Extension\20340348-8448-47f8-ae16-796747b6605c.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://software.nocusnetworks.com
O16 - DPF: DigiChat Applet - http://host16.digich...s/Client_IE.cab
O16 - DPF: NetCharts - https://cpgn.infores...ses/install.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.co...?affiliate=wtlv
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.co...ysb_regular.cab
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {62FB8678-5EAD-4D27-A639-415D9F0B668F} (MediaCodec.Install) - http://software.nocu.../mediacodec.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1123704351652
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.14...tiveXImgCtl.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1144593592992
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direc.../dpcsysinfo.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://143.166.224.1...t/TLIEFlash.CAB
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com...tiveXWebCam.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildt...ion/install.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BCD5A227-8720-497B-AF5F-4403E94342E3} (CDDM Object) - https://netservices..../DSLControl.cab
O16 - DPF: {C32F59BF-180B-416A-ABF7-161060990A88} - http://download.veri...pdate_1-0-0.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzill...ller/dwnldr.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15016/CTPID.cab
O23 - Service: Sophos AutoUpdate Service (ActiveLinkClient) - Unknown owner - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\winnt\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\winnt\system32\CTSvcCDA.EXE
O23 - Service: Client Access Express Remote Command (Cwbrxd) - IBM Corporation - C:\WINNT\CWBRXD.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\winnt\system32\ibmpmsvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\winnt\system32\mousebm.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
  • 0

#8
Flrman1
Posted 24 September 2006 - 11:18 AM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Now try running ewido again in safe mode. If it won't work in safe mode, go ahead and run it in Windows normally. Update it first.

* Update ewido:
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • When the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
  • If you cannot download the updates, update manuallly according to the directions here.
  • DO NOT run a scan yet. You will do that later in safe mode.
* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode. If it fails in safe mode again, run it in Windows normally:


* Run ewido:
  • Launch ewido by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • ewido will now begin the scanning process, be patient it may take a while for the scan to complete.
  • When the scan is complete, you must select an action.
  • Select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen
  • Save the report as a text file and save it to your desktop.
  • Close ewido.
* Restart back into Windows normally now.


* Come back here and post a new HijackThis log, as well as the log from the Ewido scan.
  • 0

#9
vjgkam
Posted 25 September 2006 - 05:39 AM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
OK,
Ewido would not run in safe mode so I ran it in normal mode per your instruction

**on a side note, when I restaarted from safe mode, I got a pop up window that said something like "shutting down ewido.exe" than nother that said "ewido.exe not responding", so it looks as if it tried to run...

Here are the Ewido and HijackThis logs ( I had to edit this and put the reports in two replies. I hope you can view them):

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:26:52 AM 9/25/2006

+ Scan result:



C:\QUARANTINE\NEWALL4T.exe -> Adware.BetterInternet : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Local Settings\Temp\MiniBug.exe -> Adware.Minibug : Cleaned with backup (quarantined).
:mozilla.100:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.101:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.103:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.182:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.183:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.185:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.186:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.187:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.188:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.189:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.190:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.191:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.192:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.193:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.194:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.195:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.196:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.197:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.198:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.199:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.200:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.201:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.202:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.246:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.287:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.376:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.636:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.686:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.753:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.793:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.80:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.811:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.81:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.83:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.844:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.84:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.850:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.85:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.86:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.87:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.880:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.88:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.91:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.92:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.93:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.94:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.95:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.96:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.97:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.98:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.99:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.726:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.727:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.728:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.775:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.776:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.777:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.385:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
:mozilla.616:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned with backup (quarantined).
:mozilla.291:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.292:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.293:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.294:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.295:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.296:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.366:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.367:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.368:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.369:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.370:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.371:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup (quarantined).
:mozilla.393:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.394:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.473:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.474:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
:mozilla.147:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.148:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.149:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.150:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.151:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.15:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.16:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.6:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.184:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.237:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.82:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.322:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.323:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.324:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.510:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.511:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.512:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
:mozilla.457:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.561:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
:mozilla.450:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.451:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.452:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.554:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.555:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.556:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
:mozilla.213:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.214:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.215:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.216:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.217:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.323:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.324:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.325:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.326:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
:mozilla.422:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.423:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.89:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.90:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.245:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.617:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.119:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.248:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.249:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.37:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.366:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.437:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.440:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.441:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.442:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.531:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.543:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.544:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.545:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.546:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.847:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.387:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.13:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.14:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.153:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.154:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.162:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.163:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.166:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.167:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.9:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.386:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.472:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.571:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.622:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.631:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.642:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.672:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.681:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.692:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup (quarantined).
:mozilla.173:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.174:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.177:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.178:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.179:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.180:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.181:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.270:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.271:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.272:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.273:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.274:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.275:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.276:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.277:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.279:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.311:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.312:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.357:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.501:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.502:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.503:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.579:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.580:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.582:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.588:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.636:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.637:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.639:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.645:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.648:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.672:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.698:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.722:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
:mozilla.704:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.705:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.706:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.753:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.754:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.755:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
:mozilla.790:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
:mozilla.830:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
:mozilla.269:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.270:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.344:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.286:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.287:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.288:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.289:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.291:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.292:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.293:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.294:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.295:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.23:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.32:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.33:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.34:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.381:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.382:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.383:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.384:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.438:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.439:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
:mozilla.654:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.655:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.656:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.657:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.658:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.659:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.704:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.705:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.706:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.707:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.708:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.709:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.342:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.343:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.344:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.347:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.348:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.515:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.516:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.517:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
:mozilla.680:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.681:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.682:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.729:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.730:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.731:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.102:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.53:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.54:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.56:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (

Edited by vjgkam, 25 September 2006 - 05:43 AM.

  • 0

#10
vjgkam
Posted 25 September 2006 - 05:44 AM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Reports (Part 2)

:mozilla.57:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.605:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.662:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.77:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.78:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.79:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.752:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.792:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.298:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.300:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.301:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.303:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.333:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.334:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.335:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.336:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.337:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.338:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.339:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.340:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.120:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.126:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.127:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.128:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.129:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.130:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.131:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.132:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.133:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.134:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.135:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.136:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.137:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.138:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.140:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.141:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.142:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.143:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.250:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.251:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.252:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.253:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.254:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.256:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.257:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.258:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.259:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.260:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.262:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.263:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.264:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.265:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.267:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.168:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.25:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\[email protected][1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.220:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.482:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.153:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.154:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.391:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.392:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.278:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.279:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.280:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.281:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.282:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.316:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.317:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.318:C:\Documents and Settings\snyders.WICK\Application Data\Mozilla\Firefox\Profiles\vbcoi0d7.default\cookies.txt.old -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\snyders.WICK\Application Data\Earthlink\6.0\[email protected]\Cookies\snyders@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).


::Report end

Logfile of HijackThis v1.99.1
Scan saved at 7:28:15 AM, on 9/25/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\system32\ibmpmsvc.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\system32\svchost.exe
C:\winnt\System32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\winnt\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\winnt\system32\regsvc.exe
C:\winnt\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\winnt\system32\stisvc.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
C:\winnt\system32\MsPMSPSv.exe
C:\winnt\system32\svchost.exe
C:\winnt\system32\Ati2evxx.exe
C:\winnt\Explorer.EXE
C:\winnt\system32\tp4mon.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\winnt\AGRSMMSG.exe
C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
C:\Program Files\j2 Messenger 4.0\J2GTray.exe
C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
C:\Program Files\Verizon Online\SupportCenter\bin\mpbtn.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\winnt\system32\wuauclt.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mcall.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\winnt\system32\Userinit.exe
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MediaCodec.BHO - {525A7CE1-5FD4-4FC7-A333-27D3754DB57C} - C:\WINNT\Downloaded Program Files\MediaCodec.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\winnt\system32\msdxm.ocx
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Memory Function] C:\winnt\system32\mfc.exe
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [P2P Networking] C:\winnt\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [PSU_Playbook] C:\Documents and Settings\snyders.WICK\Local Settings\Temporary Internet Files\Content.IE5\I35UJIJ5\PlaybookNews[1].exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [IM] C:\program files\earthlinkim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - Startup: FriendFinder Messenger.lnk = C:\Program Files\FriendFinder Messenger\FriendFinder Messenger.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.0\CM_camera.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: j2 DllCmd 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: j2 Tray Menu 4.0.lnk = C:\Program Files\j2 Messenger 4.0\J2GTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech Harmony Remote.lnk = C:\Program Files\Logitech\Harmony Remote\harmonyClient.exe
O4 - Global Startup: Verizon Online Dialer.lnk = C:\Program Files\Verizon Online\WinPoET\Verizon Online.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: Button Test - {20340348-8448-47f8-ae16-796747b6605c} - C:\winnt\system32\Microsoft\Extension\20340348-8448-47f8-ae16-796747b6605c.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://software.nocusnetworks.com
O16 - DPF: DigiChat Applet - http://host16.digich...s/Client_IE.cab
O16 - DPF: NetCharts - https://cpgn.infores...ses/install.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....015/CTSUEng.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.co...?affiliate=wtlv
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.co...ysb_regular.cab
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {62FB8678-5EAD-4D27-A639-415D9F0B668F} (MediaCodec.Install) - http://software.nocu.../mediacodec.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1123704351652
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.14...tiveXImgCtl.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1144593592992
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://directv.direc.../dpcsysinfo.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://143.166.224.1...t/TLIEFlash.CAB
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com...tiveXWebCam.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildt...ion/install.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BCD5A227-8720-497B-AF5F-4403E94342E3} (CDDM Object) - https://netservices..../DSLControl.cab
O16 - DPF: {C32F59BF-180B-416A-ABF7-161060990A88} - http://download.veri...pdate_1-0-0.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzill...ller/dwnldr.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15016/CTPID.cab
O23 - Service: Sophos AutoUpdate Service (ActiveLinkClient) - Unknown owner - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\winnt\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\winnt\system32\CTSvcCDA.EXE
O23 - Service: Client Access Express Remote Command (Cwbrxd) - IBM Corporation - C:\WINNT\CWBRXD.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\winnt\system32\ibmpmsvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Mouse Button Monitor (mousebm) - Unknown owner - C:\winnt\system32\mousebm.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
  • 0

Advertisements

#11
Flrman1
Posted 25 September 2006 - 03:53 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Please open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
  • 0

#12
vjgkam
Posted 26 September 2006 - 05:32 AM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Thank You.
Here is the list you requested:

Ad-Aware SE Personal
Adobe Acrobat 5.0
Agere Systems AC'97 Modem
Ahead InCD EasyWrite Reader
ATI Control Panel
ATI Display Driver
BlitzIn 2.5
CleanUp!
Creative Jukebox Driver
Creative MediaSource
Creative NOMAD Jukebox Zen Xtra
ewido anti-spyware 4.0
Garmin WebUpdater
HijackThis 1.99.1
Hotfix for MDAC 2.53 (KB911562)
IBM AS/400 Client Access Express for Windows
IBM RecordNow
IBM RecordNow Update Manager
IBM ThinkPad Power Management Driver
Intel® PRO Network Adapters and Drivers
j2 Messenger 4.0
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6
LimeWire 4.10.0
Logitech Desktop Messenger
Logitech Harmony Remote Client
Lyra Personal Audio Player (RD1021/1071/1075)
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee VirusScan Enterprise
MediaFACE 4.0
MediaFACE 4.0 Image Library
Microsoft Firewall Client
Microsoft Office 2000 Standard
Microsoft VGX Q833989
Mozilla Firefox (1.5.0.7)
MP3 to WAV Decoder
Musicmatch® Jukebox
OLYMPUS CAMEDIA Master 4.3
QuickTime
RealPlayer
Security Update for Windows 2000 (KB904706)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
ShowCase STRATEGY 4.0
Sophos AutoUpdate
SoundMAX
Spybot - Search & Destroy 1.4
Update Rollup 1 for Windows 2000 SP4
UVU Media Player
Verizon Online
Verizon Online DSL
Verizon Online Support Center
Windows 2000 Hotfix - KB834707
Windows 2000 Hotfix - KB842773
Windows 2000 Hotfix - KB883939
Windows 2000 Hotfix - KB887797
Windows 2000 Hotfix - KB890046
Windows 2000 Hotfix - KB890923
Windows 2000 Hotfix - KB893756
Windows 2000 Hotfix - KB894320
Windows 2000 Hotfix - KB896358
Windows 2000 Hotfix - KB896422
Windows 2000 Hotfix - KB896423
Windows 2000 Hotfix - KB896424
Windows 2000 Hotfix - KB896727
Windows 2000 Hotfix - KB897715
Windows 2000 Hotfix - KB899587
Windows 2000 Hotfix - KB899588
Windows 2000 Hotfix - KB899589
Windows 2000 Hotfix - KB900725
Windows 2000 Hotfix - KB901017
Windows 2000 Hotfix - KB901214
Windows 2000 Hotfix - KB902400
Windows 2000 Hotfix - KB904368
Windows 2000 Hotfix - KB905414
Windows 2000 Hotfix - KB905495
Windows 2000 Hotfix - KB905749
Windows 2000 Hotfix - KB905915
Windows 2000 Hotfix - KB908519
Windows 2000 Hotfix - KB908523
Windows 2000 Hotfix - KB908531
Windows 2000 Hotfix - KB911280
Windows 2000 Hotfix - KB911567
Windows 2000 Hotfix - KB912812
Windows 2000 Hotfix - KB912919
Windows 2000 Hotfix - KB913580
Windows 2000 Hotfix - KB914389
Windows 2000 Hotfix - KB916281
Windows 2000 Hotfix - KB917736
Windows 2000 Hotfix - KB917953
Windows 2000 Hotfix (SP5) Q818043
Windows 2000 Service Pack 4
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows Media Player Hotfix [See Q828026 for more information]
Windows Media Player system update (9 Series)
WinVNC 3.3.3
WinZip
Wireless Network PC Card Configuration Utility
Zetafax Workstation
  • 0

#13
Flrman1
Posted 26 September 2006 - 07:04 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"

Go to the forum here and upload the C:\Windows\System32\mfc.exe file.

Here are the directions for uploading the file:

Just click "New Topic", fill in the needed details and post a link to your thread here. Click the "Browse" button. Navigate to the file on your computer. When the file is listed in the window click "Post" to upload the file.

Don't forget to post a link to your thread here.
  • 0

#14
Flrman1
Posted 26 September 2006 - 07:22 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
* Go to Add/Remove programs and uninstall these old versions of Java:

J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6

* Now go here and install the latest version of Java.


* Click here to download smitRem.exe.
  • Save the file to your desktop.
  • It is a self extracting file.
  • Doubleclick the smitRem.exe and it will extract the files to a smitRem folder on your desktop.
  • Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.
  • If the link to SmitRem above is not working try this one.

* Click here to download ATF Cleaner by Atribune and save it to your desktop.


* Click Here and download Killbox and save it to your desktop.


* Click here for info on how to boot to safe mode if you don't already know how.


* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.


* Click Start > Run > and type in:

services.msc

Click OK.

In the services window find Mouse Button Monitor .
Rightclick and choose "Properties". On the "General" tab under "Service Status" click the "Stop" button to stop the service. Beside "Startup Type" in the dropdown menu select "Disabled". Click Apply then OK. Exit the Services utility.

Note: You may get an error here when trying to access the properties of the service. If you do get an error, just select the service and look there in the top left of the main service window and click "Stop" to stop the service. If that gives an error or it is already stopped, just skip this step and proceed with the rest.


* Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - SOFTWARE - (no file)

O2 - BHO: MediaCodec.BHO - {525A7CE1-5FD4-4FC7-A333-27D3754DB57C} - C:\WINNT\Downloaded Program Files\MediaCodec.ocx

O4 - HKLM\..\Run: [P2P Networking] C:\winnt\system32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart

O4 - HKLM\..\Run: [PSU_Playbook] C:\Documents and Settings\snyders.WICK\Local Settings\Temporary Internet Files\Content.IE5\I35UJIJ5\PlaybookNews[1].exe

O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup

O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup

O15 - Trusted Zone: http://software.nocusnetworks.com

O16 - DPF: NetCharts - https://cpgn.infores...ses/install.cab

O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuke...erInstaller.exe

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.co...ysb_regular.cab

O16 - DPF: {62FB8678-5EAD-4D27-A639-415D9F0B668F} (MediaCodec.Install) - http://software.nocu.../mediacodec.cab


* Next in Hijack This click on the "Config" button in the lower right corner. In the next window click on the "Misc Tools" button at the top then click the "Delete an NT service" button. Copy and paste the following line in that box:

mousebm

Click OK.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Double-click on Killbox.exe to run it.
  • Put a tick by Standard File Kill.
  • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

    C:\WINNT\Downloaded Program Files\MediaCodec.ocx

    C:\winnt\system32\P2P Networking

    C:\Program Files\Error Nuker

  • Click on the button that has the red circle with the X in the middle after you enter each file.
  • It will ask for confimation to delete the file.
  • Click Yes.
  • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
  • Killbox may tell you that one or more files do not exist.
  • If that happens, just continue on with all the files. Be sure you don't miss any.
  • Exit the Killbox.
* Run ATF Cleaner:
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
  • If you use Firefox:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
[*]Click Exit on the Main menu to close the program.
[/list]
* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.


* Restart back into Windows normally now.


* Run ActiveScan online virus scan here

When the scan is finished, click on the "Save Report" button an save the results of the scan to your desktop.

Note: You have to use Internet Explorer to do the online scan.

Post a new HiJackThis log along with the results from ActiveScan
  • 0

#15
vjgkam
Posted 29 September 2006 - 01:49 PM

vjgkam

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
When I go to click off "Hide protected operating system files", I get a warning that Windows 2000 may become inoperable. Is it safe to take this step?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP