I Have A Trojan Horse Vb.cec And Possible Worm(vb.so)

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > HijackThis Logs and Virus/Trojan/Spyware/Malware Removal

Forum Guidelines

Read this topic before posting a log.

DO NOT post a ComboFix log unless requested to.

Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

I Have A Trojan Horse Vb.cec And Possible Worm(vb.so), AVG said that everything is healed but I am not so sure

Options

aljobes View Member Profile	Jan 12 2008, 04:16 PM Post #1
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	My browser(firefox) was freezing and now will not open. When I ran AVG anti-virus it came up that I have more then one infected file, infected with Trojan Horse VB.CEC. The infected files curiously enough were Smitfraud Fix, which I installed a month or so ago when I was experiencing a problem.....Anyways here is my log, thanks in advance!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:08:50 PM, on 1/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\Grisoft\AVG7\avgwb.dat C:\PROGRA~1\Grisoft\AVG7\avgvv.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file) O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll O2 - BHO: (no name) - {D17CFF74-A19C-4C36-821A-E074E4F889CA} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (file missing) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9087 bytes This post has been edited by aljobes: Jan 12 2008, 04:17 PM

ourwilly View Member Profile	Jan 13 2008, 11:29 AM Post #2
Distinguished Member Group: HJT Team Posts: 921 Joined: 6-January 05 Member No.: 8,815	Hello aljobes Copy and Paste this 'Fix' into either Notepad or Wordpad for future reference as you will be required to closed down you browser when following these steps. 1. First please delete SmitfraudFix from your system. Then I would like you to disable all your Real-time when doing this or any fix on your system, To Disable Tea-Timer Open Spybot Search & Destroy. In the Mode menu click "Advanced mode" if not already selected. Choose Yes at the Warning prompt. Expand the Tools menu. Click Resident. Uncheck the Resident "TeaTimer" (Protection of overall system settings) active. box. In the File menu click Exit to exit Spybot Search & Destroy To Disable SpywareGuard's Right click the Spywareguard system tray icon to open the program. Click on "Options" and uncheck all the three boxes before clicking Save Settings. Then click on Menu \| File \| Exit and confirm you wish to close the program. 2. Open HijackThis again, select "Do a System Scan only" and place a checkmark in the boxes before the following entries: O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file) O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: (no name) - {D17CFF74-A19C-4C36-821A-E074E4F889CA} - (no file) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Close any Explorer windows which may be open and click the "Fix Checked" button, then exit HijackThis. 3. Check for any SUPERAntiSpyware updates then Please Reboot your System into Safe Mode Shut down your system, then Restart your computer as soon as it starts booting up again continuously tap F8. from the menu select the option to enter Safe Mode Open SUPERAntiSpyware and click the "Scan your computer" button. On the left, select "C:\Fixed Drive". On the right, under "Complete Scan", choose "Perform Complete Scan". Click "Next" to start the scan. Please be patient while it scans your computer. After the scan is complete a summary box will appear. Click "OK". Make sure everything in the white box has a check next to it, then click "Next". After quarantining anything found, you may be prompted to reboot, click "Yes". Reboot back into Normal Mode. Rescan with HijackThis and post the new log and the SUPERAntiSpyware Log and may I ask if you are using any Norton/Symantec products on your system... Thank you.

aljobes View Member Profile	Jan 13 2008, 03:30 PM Post #3
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	My computer came with a trial version of Norton/Symantec which I never installed, I deleted it about a month ago.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:17:50 PM, on 1/13/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\system32\NOTEPAD.EXE c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8067 bytes SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/13/2008 at 03:12 PM Application Version : 3.9.1008 Core Rules Database Version : 3379 Trace Rules Database Version: 1373 Scan type : Complete Scan Total Scan Time : 02:10:02 Memory items scanned : 171 Memory threats detected : 0 Registry items scanned : 7799 Registry threats detected : 0 File items scanned : 58734 File threats detected : 0 This post has been edited by aljobes: Jan 13 2008, 03:31 PM

ourwilly View Member Profile	Jan 13 2008, 04:42 PM Post #4
Distinguished Member Group: HJT Team Posts: 921 Joined: 6-January 05 Member No.: 8,815	Hello aljobes Copy and Paste this 'Fix' into either Notepad or Wordpad for future reference as you will be required to closed down you browser when following these steps. 1. Click on: Start > Run and type in: services.msc Click "OK" In the Services window look for Symantec Core LC Select/highlight and right click the entry, and choose: Properties On the General tab, under Service Status click the Stop button Beside: Startup Type, in the drop menu, select: Disabled Click "Apply" then "OK" 2. Please download ATF Cleaner by Atribune. Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. For Technical Support, double-click the e-mail address located at the bottom of each menu. 3. Now that you have removed "Smitfraud Fix" Can you now update and run the AVG anti-virus, please note anything quarantined by the AVG software Please Do Not Purge it is safely held there and no longer a threat Post a new HijackThis log, any information on the AVG scan and let me know how your system is running. Thank you.

aljobes View Member Profile	Jan 13 2008, 10:55 PM Post #5
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	There are three Trojan horse vb.cec infected files and a worm vb.so infected file in the virus vault. The AVG scan came back clean and everything seems to be running normally again.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:55:06 PM, on 1/13/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\Grisoft\AVG7\avgwb.dat C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8104 bytes

ourwilly View Member Profile	Jan 14 2008, 02:07 AM Post #6
Distinguished Member Group: HJT Team Posts: 921 Joined: 6-January 05 Member No.: 8,815	Hello aljobes Can you do this for me next please.. Copy and Paste this post into a new text document or print it for reference Please now use Internet Explorer and run this online scan with Kaspersky WebScanner Click on Kaspersky Online Scanner You will be promted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected: Scan using the following Anti-Virus database: Extended (if available otherwise Standard) Scan Options: Scan Archives Scan Mail Bases Click OK Now under select a target to scan: Select My Computer This will program will start and scan your system, This will take a while so be patient and let it run. When the scan has completed, click Save Report As a Text File. Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt) Click Save - by default the file will be saved to your Desktop, but you can change this if you wish. Copy and paste that information in your next post along with a new HijackThis log. Thank you

aljobes View Member Profile	Jan 14 2008, 09:07 PM Post #7
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:05:31 PM, on 1/14/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe c:\windows\system\hpsysdrv.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM') O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8182 bytes ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, January 14, 2008 9:04:42 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 14/01/2008 Kaspersky Anti-Virus database records: 511465 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 198561 Number of viruses found: 2 Number of infected objects: 12 Number of suspicious objects: 0 Duration of the scan process: 02:24:50 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Application Data\acccore\nss\cert8.db Object is locked skipped C:\Documents and Settings\Compaq_Owner\Application Data\acccore\nss\key3.db Object is locked skipped C:\Documents and Settings\Compaq_Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\All Users\localStorage\common.cls Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\blueeyedangel459\localStorage\common.cls Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\redrose18964\localStorage\common.cls Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\shadesofgray495\localStorage\common.cls Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL OCP\AIM\Storage\data\shadesofgray687\localStorage\common.cls Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012008011420080115\index.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\temp\Perflib_Perfdata_a48.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\temp\~DFC0DF.tmp Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\temp\~DFE183.tmp Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Compaq_Owner\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Compaq_Owner\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0019052.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0019052.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0019052.exe RarSFX: infected - 2 skipped C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0019060.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP26\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Internet Logs\ASHLEY.ldb Object is locked skipped C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\TEMP\ZLT01cf8.TMP Object is locked skipped C:\WINDOWS\TEMP\ZLT01cfb.TMP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\I386\APPS\APP02359\src\CompaqPresario_Spring06.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped D:\I386\APPS\APP02359\src\CompaqPresario_Spring06.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped D:\I386\APPS\APP02359\src\CompaqPresario_Spring06.exe WiseSFX: infected - 2 skipped D:\I386\APPS\APP02359\src\CompaqPresario_Spring06.exe WiseSFXDropper: infected - 2 skipped D:\I386\APPS\APP02359\src\HPPavillion_Spring06.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped D:\I386\APPS\APP02359\src\HPPavillion_Spring06.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped D:\I386\APPS\APP02359\src\HPPavillion_Spring06.exe WiseSFX: infected - 2 skipped D:\I386\APPS\APP02359\src\HPPavillion_Spring06.exe WiseSFXDropper: infected - 2 skipped Scan process completed.

aljobes View Member Profile	Jan 15 2008, 11:23 PM Post #8
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	FYI, I will be out of state January 16-18th so my reply may be delayed. Sorry about that, thank you for all your help so far.

ourwilly View Member Profile	Jan 16 2008, 03:46 AM Post #9
Distinguished Member Group: HJT Team Posts: 921 Joined: 6-January 05 Member No.: 8,815	Hello aljobes QUOTE I will be out of state January 16-18th Thank you for this information. Download AVG Anti-Spyware v7.5 and save it to your Desktop <- (Important! Vista Users should install from that same location). (This is Ewido 4.0 renamed and updated with a special "clean driver" for removing persistent malware.) After download, double click on the file to launch the install process. Choose a language, click "OK" and then click "Next". Read the "License Agreement" and click "I Agree". Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install". After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray. Connect to the Internet, go back to AVG Anti-Spyware, select the "Update" button and click "Start update". Wait until you see the "Update successful" message. If you are having problems with the updater, manually download and update with the AVG Anti-Spyware Full database installer. Exit AVG Anti-Spyware when done - DO NOT perform a scan yet. Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". Scan with AVG Anti-Spyware as follows: Click on the "Scanner" button and choose the "Settings" tab. Under "*How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware. Under "How to Scan?", "Possibly unwanted software", and What to Scan?" leave all the default settings. Under "Reports" select "Do not automatically generate reports". Click the "Scan" tab to return to scanning options. Click "Complete System Scan" to start. When the scan has finished, it should automatically be set to Quarantine--if not click on Recommended Action* and set it there. You will also be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine. IMPORTANT! Do not save the report before you have clicked the :Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button. Click on "Save Report" to view all completed scans. Click on the most recent scan you performed, select "*Save report as" and save to your desktop. The default file name will be in date/time format: Report-Scan-200706-1606. A copy of each report will be saved in* C:\Documents and Settings\<user profile>\Application Data\Grisoft\AVG Antispyware 7.5\Reports. If you installed AVG AS over a previous version, reports are saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\ If you are a Vista user, reports are saved in C:\Users\<username>\AppData\Roaming\Grisoft\AVG Antispyware 7.5\Reports\ Exit AVG Anti-Spyware when done, reboot normally and post the AVg log report and a new HijackThis log and let me know how your system is running now. Thank you

aljobes View Member Profile	Jan 19 2008, 07:53 PM Post #10
Member Group: Members Posts: 21 Joined: 16-December 07 Member No.: 176,806	My computer seems to be running normally. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:51:13 PM, on 1/19/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8158 bytes --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 7:45:48 PM 1/19/2008 + Scan result: C:\Program Files\music_now\inetchk.exe -> Hijacker.Small : Cleaned. :mozilla.126:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.130:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.156:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.157:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.158:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.285:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.286:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.287:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.363:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.364:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.365:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.83:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.141:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.142:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.143:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.144:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.145:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.146:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Addynamix : Cleaned. :mozilla.118:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.119:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.120:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.121:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.122:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.122:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.123:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.125:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.126:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.127:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.128:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.416:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.417:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.418:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.419:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.262:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Adobe : Cleaned. :mozilla.349:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Adobe : Cleaned. :mozilla.67:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Adobe : Cleaned. :mozilla.35:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.36:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.37:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.39:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.46:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.47:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.48:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.49:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.58:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.59:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.60:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.61:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.104:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.38:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.45:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.108:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.109:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.10:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.110:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.11:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.40:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.41:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.42:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.9:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.458:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Cleaned. :mozilla.519:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Cpvfeed : Cleaned. :mozilla.594:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Cpvfeed : Cleaned. :mozilla.36:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.57:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.159:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.160:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.163:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.165:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.148:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.149:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.43:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.44:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.474:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.475:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.476:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.533:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.606:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.381:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Idot : Cleaned. :mozilla.454:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Idot : Cleaned. :mozilla.530:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Idot : Cleaned. :mozilla.113:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.124:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.259:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.347:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.424:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.62:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.63:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.469:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Msn : Cleaned. :mozilla.470:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Msn : Cleaned. :mozilla.471:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Msn : Cleaned. :mozilla.528:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Msn : Cleaned. :mozilla.529:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Msn : Cleaned. :mozilla.530:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Msn : Cleaned. :mozilla.601:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Msn : Cleaned. :mozilla.602:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Msn : Cleaned. :mozilla.603:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Msn : Cleaned. C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned. :mozilla.152:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.153:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.154:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.133:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.134:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.135:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.136:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.137:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.138:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.139:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.140:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.48:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.49:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.50:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.52:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.53:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.54:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.55:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.56:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.57:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.167:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.168:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.169:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.170:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.172:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.173:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.174:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.175:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.176:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.177:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.179:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.180:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.181:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.182:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.183:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.370:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.443:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.477:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.478:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.479:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.480:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.506:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.519:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tacoda : Cleaned. C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.150:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Targetnet : Cleaned. :mozilla.34:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.35:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.37:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.38:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.39:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.40:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.41:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.41:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.42:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.43:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.44:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.44:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.45:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.46:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.47:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.48:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.27:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.18:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.19:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.20:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.21:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.22:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.30:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.30:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.31:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.32:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.33:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.34:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.35:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.38:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.39:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.40:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.8:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.158:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.161:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.162:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.164:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.166:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\shp5vtbg.default\cookies-3.txt -> TrackingCookie.Zedo : Cleaned. ::Report end

ourwilly View Member Profile	Jan 20 2008, 01:14 AM Post #11
Distinguished Member Group: HJT Team Posts: 921 Joined: 6-January 05 Member No.: 8,815	Hello aljobes As everything is running fine now, Please "Disable" and then "Re-Enable" System Restore. To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account. (Windows XP) Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot. Turn ON System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check Turn off System Restore. Click Apply, and then click OK. I recommend you Bookmark these Tutorials for future reference: So how did I get infected in the first place? Simple and easy ways to keep your computer safe and secure on the Internet Thank you.

« Next Oldest · HijackThis Logs and Virus/Trojan/Spyware/Malware Removal · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 21st November 2009 - 02:10 AM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Virus Removal Guides