I forgot to add that I used cwshredded and ewido. CWSShredder now gives me an error whenever I start up:
CWShredder.exe - Application Error
The instruction at "0x0012e3f1" referenced memory at "0x00000001". The memory could not be "written"
Click on OK to terminate the program
Click on CANCEL to debug the program
I uninstalled ewido but I got it's scan report before doing so:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 12:01:09 PM, 9/10/2005
+ Report-Checksum: 75C9E685
+ Scan result:
:mozilla.9:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.26:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.27:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.29:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.30:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.31:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.32:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.82:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.89:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.90:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.91:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.92:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.94:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.95:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.116:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.118:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.119:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.120:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.121:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.166:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.167:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.169:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.170:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.171:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.172:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.173:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.174:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.175:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.176:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.177:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.178:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.185:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.194:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Custom-click : Cleaned with backup
:mozilla.195:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Custom-click : Cleaned with backup
:mozilla.221:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.222:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.223:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.224:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.226:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Estat : Cleaned with backup
:mozilla.342:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.343:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.421:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.422:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.440:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.448:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.449:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.450:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.451:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.452:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.471:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.478:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.479:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.480:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.481:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.487:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.488:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.489:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.490:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.491:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.492:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.493:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.494:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.495:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.496:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.497:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.498:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.499:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.500:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.501:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.521:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.522:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.523:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.524:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.525:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.526:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.527:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.528:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.585:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.586:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.587:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.588:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.589:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.590:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.602:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.603:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.604:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.605:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.606:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.607:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.608:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.623:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.630:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
:mozilla.698:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.699:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.700:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.707:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.708:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.709:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.752:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.753:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.783:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6jmxqbn8.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\WINDOWS\system32\gebxv.dll -> Spyware.Virtumonde : Cleaned with backup
::Report End
I also ran KillVundo.bat and did the proceedure, but HijackThis opened from the quickstart (I selected "Do a system scan and save a logfile").
The
O2 - BHO: MSEvents Object and
O20 - Winlogon Notify: gebxv - C:\WINDOWS\system32\gebxv.dll don't seem to appear (or maybe I'm in the wrong screen). Anyways, here's my current HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 1:59:09 PM, on 9/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Toshiba\TapButton\TapButt.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TME3\TMETEMNU.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\system32\wtablet\TabUserW.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [TapButt] C:\Program Files\Toshiba\TapButton\TapButt.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
O4 - HKLM\..\Run: [TSkrMain] C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe
O4 - HKLM\..\Run: [TosRotation] "C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe"
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: TabUserW.lnk = C:\WINDOWS\system32\wtablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: Sebring - c:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CWShredder Service - InterMute, Inc. - C:\Documents and Settings\user\Desktop\CWShredder.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: DigitizerWacom (TabletService) - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe" /Service (file missing)
Edit: ActiveScan oddly enough did not give me a the option to save the log. It said instead that in order to get the log, I had to select "E-mail results" or something.
No files were found to be infected or anything, however.
Oh, and almost forgot the VundoFix log:
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Suspending PID 156 'smss.exe'
Threads [160][164][168]
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Error, Cannot find a process with an image name of explorer.exe
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Error, Cannot find a process with an image name of rundll32.exe
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 228 'winlogon.exe'
Killing PID 228 'winlogon.exe'
File Deleted sucessfully.
Files Deleted sucessfully.
Edited by sfried, 10 September 2005 - 12:18 PM.