Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Computer/pop-ups.....please Help


  • Please log in to reply
10 replies to this topic

#1 AJR3

AJR3

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 17 July 2007 - 01:20 AM

Hello,

My computer has been having issues recently. They started a few weeks ago (actually a few days after I installed Windows XP SP2, though I don't think this is the problem).



SYMPTOMS:
-Slow Performance (applications take unusually long to start up/run, and videos are 'jerky')
-Pop ups when I am on the Internet
-Pop Ups when I do not have a web browser open (though am still connected to a wireless network)
Including:
-Stuff powered by ZEDO
-WinAntiVirus
-WinAntiSpyware
-Crap from Myspace (which I have never been to)
-Random Advertisement crap
-Programs that initialize installation without my consent
Including:
-WinAntiVirus 2007
-WinAntiSpyware 2007
-System Doctor 2006-2007
-Strange changes to my computer's basic file browsing interface (only occurs every so often)
-Shortcuts to web pages that show up after I restart my computer (though not every time)
Including:
-Go to Casino
http://search2find.biz/search.php?q=casino
-Load Ultimate Cleaner 2007
http://softwarereferral.com/jump.php?wmid=6010...
-Find Spyware removal
http://search2find.biz/search.php?q=Spyware%20Remover
-Not able to open any application (this happens only once in a while)
-Not able to open Task Manager (same deal)



THINGS I HAVE DONE:
-Deleting old programs on hard drive that was almost full (in hopes of speeding up the computer)
-Disk clean and Hard drive Defragment (speed)
-Scanning with Anti-Virus/Spyware/Adware programs and deleting files detected
Including:
-Windows Defender
-Ad-Aware SE Personal
-Spybot - Search and Destroy
-Looking up Processes running in the Task Manager and ending suspicious ones (did this only twice)



SYSTEM INFO:

Windows XP Home Edition version 2002 with SP2
Intel Celeron M 1.5GHz
1.0GB RAM



HIJACKTHIS LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:50 AM, on 7/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\mgrs.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\YMANTE~1\notepad.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\igqwbnqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [\\GRIDEOUT\EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P41 "\\GRIDEOUT\EPSON Stylus Photo R220 Series" /O6 "USB002" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R220 Series on GRIDEOUT] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P47 "Auto EPSON Stylus Photo R220 Series on GRIDEOUT" /O19 "\\GRIDEOUT\EPSONSty" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\tpaxmqwf.dll",forkonce
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.7.8\webbuying.exe
O4 - HKCU\..\Run: [Sen] "C:\PROGRA~1\YMANTE~1\notepad.exe" -vt yazb
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1181936111500
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Program Files\Alias\Maya7.0\docs\wrapper.exe (file missing)
O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\wrapper.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE (file missing)
O24 - Desktop Component 0: (no name) - C:\WINDOWS\Web\Wallpaper\Azul.jpg

--
End of file - 9692 bytes


I would greatly appreciate your help, and sorry to bother you about this.

~AJR3

By the way, I will be on a vacation from July 21 through August 4 and will not have my computer, so sorry if I don't respond for a while

BC AdBot (Login to Remove)

 


#2 YounGun

YounGun

    The malware-fighting kid


  • Members
  • 244 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania, Bucharest
  • Local time:11:33 PM

Posted 17 July 2007 - 06:22 AM

Hi :thumbsup:

I need to see another type of log please. Go here and download Silent Runners.vbs to a new folder on your Desktop (Clicking the the download link works if you use IE. If you use FireFox, rightclick on the link and choose "Save Link As") and run it. It generates a log too. It takes a minute or two and it will notify you with a popup when your log is ready (make sure you wait for the popups please) Please post the information back in this thread too (you may need to make a couple of posts). If your antivirus program queries the script, allow it to run. It's not malicious.

#3 AJR3

AJR3
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 17 July 2007 - 11:25 PM

Hello YounGun,

Here are the Silent Runners Results:

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS]
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ["Google Inc."]
"DellSupport" = ""C:\Program Files\DellSupport\DSAgnt.exe" /startup" ["Gteko Ltd."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"Sen" = ""C:\PROGRA~1\YMANTE~1\notepad.exe" -vt yazb" [null data]
"WMPNSCFG" = "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"igfxtray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"igfxhkcmd" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"igfxpers" = "C:\WINDOWS\system32\igfxpers.exe" ["Intel Corporation"]
"SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
"Broadcom Wireless Manager UI" = "C:\WINDOWS\system32\WLTRAY.exe" ["Dell Inc."]
"SigmatelSysTrayApp" = "stsystra.exe" ["SigmaTel, Inc."]
"DVDLauncher" = ""C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"" ["CyberLink Corp."]
"ISUSPM Startup" = ""C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup" ["InstallShield Software Corporation"]
"ISUSScheduler" = ""C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start" ["InstallShield Software Corporation"]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Inc."]
"tgcmd" = ""C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf" ["Qwest"]
"Microsoft Works Update Detection" = "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" ["Microsoft® Corporation"]
"WheelMouse" = "Amoumain.exe" [file not found]
"Windows Defender" = ""C:\Program Files\Windows Defender\MSASCui.exe" -hide" [MS]
"MSKDetectorExe" = "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall" ["McAfee, Inc."]
"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"ccApp" = ""C:\Program Files\Common Files\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"\\GRIDEOUT\EPSON Stylus Photo R220 Series" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P41 "\\GRIDEOUT\EPSON Stylus Photo R220 Series" /O6 "USB002" /M "Stylus Photo R220"" ["SEIKO EPSON CORPORATION"]
"MSConfig" = "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto" [MS]
"Auto EPSON Stylus Photo R220 Series on GRIDEOUT" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P47 "Auto EPSON Stylus Photo R220 Series on GRIDEOUT" /O19 "\\GRIDEOUT\EPSONSty" /M "Stylus Photo R220"" ["SEIKO EPSON CORPORATION"]
"Symantec NetDriver Monitor" = "C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer" ["Symantec Corporation"]
"smgr" = "mgrs.exe" [null data]
"icq.com" = "rundll32.exe "C:\WINDOWS\system32\gtmafbwv.dll",forkonce" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{5AB43BC0-69F1-4F46-90F6-57B4E14AB434}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "\" [file not found]
{78510641-cdf7-44c6-a915-110ebf9d1f8b}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\dbwogkj.dll" [null data]
{938A8A03-A938-4019-B764-03FF8D167D79}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\tupjlvph.dll" [null data]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
\InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll" ["Google Inc."]
{BDF3E430-B101-42AD-A544-FADC6B084872}\(Default) = "NAV Helper"
-> {HKLM...CLSID} = "CNavExtBho Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
{CA6319C0-31B7-401E-A518-A07C3DB8F777}\(Default) = "Browser Address Error Redirector"
-> {HKLM...CLSID} = "CBrowserHelperObject Object"
\InProcServer32\(Default) = "c:\Program Files\BAE\BAE.dll" ["Dell Inc."]
{DC192567-65F9-4AB6-ADB7-E13575F81726}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\xxyxwtr.dll" [null data]
{FBC18949-1018-40EB-832E-702930FA88C2}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\ssqpn.dll" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universal Plug and Play Devices"
-> {HKLM...CLSID} = "Universal Plug and Play Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WIFD1F~1\MpShHook.dll" [MS]
<<!>> "{DC192567-65F9-4AB6-ADB7-E13575F81726}" = "*a" (unwritable string)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\xxyxwtr.dll" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\System\CurrentControlSet\Control\Session Manager\
<<!>> "BootExecute" = "autocheck autochk *"|"stera" [file not found]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> igfxcui\DLLName = "igfxdev.dll" ["Intel Corporation"]
<<!>> ssqpn\DLLName = "C:\WINDOWS\system32\ssqpn.dll" [null data]
<<!>> xxyxwtr\DLLName = "xxyxwtr.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]


Default executables:
--------------------

HKLM\Software\Classes\.bat\ = (key not found)


Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoActiveDesktop" = (REG_DWORD) hex:0x00000000
{Disable Active Desktop}

"ClassicShell" = (REG_DWORD) hex:0x00000000
{Enable Classic Shell / Turn on Classic Shell}

"ForceActiveDesktopOn" = (REG_DWORD) hex:0x00000000
{Enable Active Desktop}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoCDBurning" = (REG_DWORD) hex:0x00000000
{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\toyhide.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\system32\toyhide.bmp"

Active Desktop web content (hidden if disabled):

HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0\
"FriendlyName" = ""
"Source" = "C:\WINDOWS\Web\Wallpaper\Azul.jpg"
"SubscribedURL" = "C:\WINDOWS\Web\Wallpaper\Azul.jpg"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "none" [file not found]


Startup items in "Alex Rideout" & "All Users" startup folders:
--------------------------------------------------------------

C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup
"Adobe Gamma" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Digital Line Detect" -> shortcut to: "C:\Program Files\Digital Line Detect\DLG.exe" ["BVRP Software"]
"Google Updater" -> shortcut to: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe -systray -startup" ["Google"]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]


Enabled Scheduled Tasks:
------------------------

"Critical Battery Alarm Program" -> WARNING -- The file "Critical Battery Alarm Program.job" is corrupt! (no executable)
"Low Battery Alarm Program" -> WARNING -- The file "Low Battery Alarm Program.job" is corrupt! (no executable)
"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]
"Norton AntiVirus - Scan my computer - Alex Rideout" -> launches: "C:\PROGRA~1\NORTON~1\Navw32.exe /task:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"" ["Symantec Corporation"]
"Time Only Knows (Shortened)" -> launches: "C:\Documents and Settings\Alex Rideout\Desktop\Alex\Music\Time Only Knows (Shortened).mp3" [null data]
"Uniblue SpyEraser Nag" -> launches: "C:\Program Files\SpyEraser\SpyEraser.exe -ynag" [file not found]
"Uniblue SpyEraser" -> launches: "C:\Program Files\SpyEraser\SpyEraser.exe -s" [file not found]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 22
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{4064EA35-578D-4073-A834-C96D82CBCF40}"
-> {HKLM...CLSID} = "&Save Flash"
\InProcServer32\(Default) = "C:\Program Files\Save Flash\SaveFlash.dll" ["TODO: <Company name>"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" = "Norton AntiVirus"
-> {HKLM...CLSID} = "Norton AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]
"{4064EA35-578D-4073-A834-C96D82CBCF40}" = (no title provided)
-> {HKLM...CLSID} = "&Save Flash"
\InProcServer32\(Default) = "C:\Program Files\Save Flash\SaveFlash.dll" ["TODO: <Company name>"]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Automatic LiveUpdate Scheduler, Automatic LiveUpdate Scheduler, ""C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"" ["Symantec Corporation"]
Google Updater Service, gusvc, ""C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"" ["Google"]
IPv6 Helper Service, 6to4, "C:\WINDOWS\system32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\6to4svc.dll" [MS]}
NICCONFIGSVC, NICCONFIGSVC, "C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe" ["Dell Inc."]
Norton AntiVirus Auto-Protect Service, navapsvc, ""C:\Program Files\Norton AntiVirus\navapsvc.exe"" ["Symantec Corporation"]
Symantec Settings Manager, ccSetMgr, ""C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]
Windows Defender, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]
Windows Media Player Network Sharing Service, WMPNetworkSvc, "C:\Program Files\Windows Media Player\WMPNetwk.exe" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]


----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 68 seconds, including 18 seconds for message boxes)


~AJR3

#4 YounGun

YounGun

    The malware-fighting kid


  • Members
  • 244 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania, Bucharest
  • Local time:11:33 PM

Posted 18 July 2007 - 03:14 PM

Download Combofix.exe from here.

Doubleclick on combofix.exe and follow the prompts. A window will open with a warning. Type "1" (and Enter) to start the fix. When the scan completes, Disk Cleanup will run and then a text window with your log will open. Please copy and paste that log back here.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Copy this log in your next reply together with a new HijackThis log

Download and scan with AVG Anti-Spyware v7.5
(This is Ewido 4.0 renamed. If you already have Ewido installed, please update to AVG Anti-Spyware which has a special "clean driver" for removing persistent malware.)
1. After download, double click on the file to launch the install process.
2. Choose a language, click "OK" and then click "Next".
3. Read the "License Agreement" and click "I Agree".
4. Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
5. After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
6. The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
7. Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
8. Go to Start > Run and type: services.msc
  • Press "OK".
  • Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
  • When you find the guard service, double-click on it.
  • In the Properties Window > General Tab that opens, click the "Stop" button.
  • From the drop-down menu next to "Startup Type", click on "Manual".
  • Now click "Apply", then "OK" and close the Services window.
9. Select the "Update" button and click "Start update". Wait until you see the "Update succesfull message. If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from here.

Once the updates are installed do the following:
1. Click on the "Scanner" button and choose the "Settings" tab.
  • Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
  • Under "How to Scan?", "Possibly unwanted software", and What to Scan?" leave all the default settings.
  • Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".
2. Click the "Scan" tab to return to scanning options.
3. Click "Complete System Scan" to start.
4. When the scan has finished you will be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.

IMPORTANT! Do not save the report before you have clicked the Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button?

5. Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
6. Exit AVG Anti-Spyware when done and submit the log report in your next response.

Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. Doing so may hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

AVG Anti-Spyware is free for 30 days and all the extensions of the full version will be activated. After the 30 day trial, active protection extensions will be deactivated and the program will turn into a feature-limited freeware version that you can can continue to use as an on-demand scanner or you may purchase a license to use the full version.


#5 AJR3

AJR3
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 19 July 2007 - 12:47 AM

Hi YounGun,

Thanks for you help thus far. Here are the requested logs.

HIJACKTHIS:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:09:08 PM, on 7/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5AB43BC0-69F1-4F46-90F6-57B4E14AB434} - \
O2 - BHO: (no name) - {78510641-cdf7-44c6-a915-110ebf9d1f8b} - C:\WINDOWS\system32\dbwogkj.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Sen] "C:\PROGRA~1\YMANTE~1\notepad.exe" -vt yazb
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1181936111500
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Program Files\Alias\Maya7.0\docs\wrapper.exe (file missing)
O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\wrapper.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE (file missing)
O24 - Desktop Component 0: (no name) - C:\WINDOWS\Web\Wallpaper\Azul.jpg

--
End of file - 9390 bytes


COMBOFIX:

"Alex Rideout" - 2007-07-18 14:47:59 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\fkxjrkfh.dll
C:\WINDOWS\system32\qeyrhocb.dll
C:\WINDOWS\system32\raailjto.dll
C:\WINDOWS\system32\aoftvipj.exe
C:\WINDOWS\system32\ccwespmv.exe
C:\WINDOWS\system32\igqwbnqs.exe
C:\WINDOWS\system32\jdnklhfn.exe
C:\WINDOWS\system32\jxpqhnbf.exe
C:\WINDOWS\system32\kvjcyutb.exe
C:\WINDOWS\system32\mbbmgdgg.exe
C:\WINDOWS\system32\pnmhtskq.exe
C:\WINDOWS\system32\pxibymum.exe
C:\WINDOWS\system32\skxxirui.exe
C:\WINDOWS\system32\tkkswlhc.exe
C:\WINDOWS\system32\bblsxqyg.dll
C:\WINDOWS\system32\bcyfitma.dll
C:\WINDOWS\system32\bhqmuone.dll
C:\WINDOWS\system32\blpubamw.dll
C:\WINDOWS\system32\csurdljd.dll
C:\WINDOWS\system32\fevwxeov.dll
C:\WINDOWS\system32\fpoeloqm.dll
C:\WINDOWS\system32\fuxaqchr.dll
C:\WINDOWS\system32\hbnakcyh.dll
C:\WINDOWS\system32\hvjsvaxg.dll
C:\WINDOWS\system32\kuctryvv.dll
C:\WINDOWS\system32\nqpkntnr.dll
C:\WINDOWS\system32\nuhyswge.dll
C:\WINDOWS\system32\oqdyiddl.dll
C:\WINDOWS\system32\sobnscrl.dll
C:\WINDOWS\system32\tupjlvph.dll
C:\WINDOWS\system32\vesxckrc.dll
C:\WINDOWS\system32\virndppc.dll
C:\WINDOWS\system32\walvhdsy.dll
C:\WINDOWS\system32\winpjjlm.dll
C:\WINDOWS\system32\xnswxpon.dll
C:\WINDOWS\system32\hfkrjxkf.ini
C:\WINDOWS\system32\otjliaar.ini
C:\WINDOWS\system32\npqss.bak1
C:\WINDOWS\system32\npqss.bak2
C:\WINDOWS\system32\npqss.ini
C:\WINDOWS\system32\npqss.ini2
C:\WINDOWS\system32\npqss.tmp
C:\WINDOWS\system32\npqss.bak1
C:\WINDOWS\system32\npqss.bak2
C:\WINDOWS\system32\npqss.ini
C:\WINDOWS\system32\npqss.ini2
C:\WINDOWS\system32\npqss.tmp
C:\WINDOWS\system32\npqss.bak1
C:\WINDOWS\system32\npqss.bak2
C:\WINDOWS\system32\npqss.ini
C:\WINDOWS\system32\npqss.ini2
C:\WINDOWS\system32\npqss.tmp
C:\WINDOWS\system32\ssqpn.dll
C:\WINDOWS\system32\xxyxwtr.dll
C:\WINDOWS\system32\xxyxwtr.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ALEXRI~1\APPLIC~1.\dobe~1
C:\DOCUME~1\ALEXRI~1\APPLIC~1\Install.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\Program Files\Common Files\ecurit~1
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Common Files\winantispyware 2007\WAS7Mon.exe~
C:\Program Files\outerinfo
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\svhost
C:\Program Files\ymante~1
C:\Program Files\ymante~1\notepad.exe
C:\temp\iee
C:\WINDOWS\avp.exe
C:\WINDOWS\icroso~1
C:\WINDOWS\mgrs.exe
C:\WINDOWS\poolsv.exe
C:\WINDOWS\svhost.exe
C:\WINDOWS\system32\agmeeebk.exe
C:\WINDOWS\system32\bmflftfm.exe
C:\WINDOWS\system32\brbmmjmv.exe
C:\WINDOWS\system32\cibnvnkh.exe
C:\WINDOWS\system32\driver.exe
C:\WINDOWS\system32\flieljqb.exe
C:\WINDOWS\system32\gcfpacks.exe
C:\WINDOWS\system32\hebupann.exe
C:\WINDOWS\system32\hhuwjskb.exe
C:\WINDOWS\system32\jdhtyagu.exe
C:\WINDOWS\system32\koyigcxu.exe
C:\WINDOWS\system32\mmqseyol.exe
C:\WINDOWS\system32\mwtdqlto.exe
C:\WINDOWS\system32\nmxdgekv.exe
C:\WINDOWS\system32\o02PrEz
C:\WINDOWS\system32\osevptjd.exe
C:\WINDOWS\system32\oxyyvdvg.exe
C:\WINDOWS\system32\rwbdrord.exe
C:\WINDOWS\system32\sfvuiihy.exe
C:\WINDOWS\system32\syswin.exe
C:\WINDOWS\system32\taoitmqm.exe
C:\WINDOWS\system32\wdhntvuf.exe
C:\WINDOWS\system32\winsys64.exe
C:\WINDOWS\system32\wnsapiit.exe
C:\WINDOWS\system32\xcctvftq.exe
C:\WINDOWS\system32\ystem~1
C:\WINDOWS\system32\Z1
C:\WINDOWS\system32\Z3
C:\WINDOWS\system32\Z3\wr73.exe
C:\WINDOWS\system32\Z5
C:\WINDOWS\system32\Z7
C:\WINDOWS\system32\Z9


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_VSPF
-------\core
-------\nm


((((((((((((((((((((((((( Files Created from 2007-06-18 to 2007-07-18 )))))))))))))))))))))))))))))))


2007-07-18 14:46 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-18 00:30 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\APPLIC~1\Opera
2007-07-16 22:59 <DIR> d-------- C:\Program Files\Trend Micro
2007-07-16 15:03 <DIR> d-------- C:\WINDOWS\system32\Panda Software
2007-07-16 14:59 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\.housecall6.6
2007-07-16 02:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-07-16 02:07 <DIR> d-------- C:\WINDOWS\system32\b02FdUe
2007-07-16 02:06 172,032 --a------ C:\WINDOWS\system32\dbwogkj.dll
2007-07-16 02:06 <DIR> d-------- C:\WINDOWS\system32\Z11
2007-07-16 02:06 <DIR> d-------- C:\WINDOWS\system32\driver
2007-07-16 02:06 <DIR> d-------- C:\temp\0c2
2007-07-16 02:05 <DIR> d-------- C:\WINDOWS\system32\b10FdUe
2007-07-16 02:05 <DIR> d-------- C:\temp\brr
2007-07-12 14:54 106,496 --a------ C:\WINDOWS\system32\atl71.dll
2007-07-02 22:58 <DIR> d-------- C:\Program Files\SymNetDrv
2007-06-29 23:03 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\APPLIC~1\Uniblue
2007-06-29 22:37 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\APPLIC~1\ArcSoft
2007-06-28 13:52 0 --a------ C:\WINDOWS\system32\akqjpffc.dll
2007-06-27 13:47 0 --a------ C:\WINDOWS\system32\ntdeiaak.dll
2007-06-24 12:23 0 --a------ C:\WINDOWS\system32\wiinqpmr.exe
2007-06-22 23:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Digital Anarchy
2007-06-19 13:30 55 --a------ C:\WINDOWS\system32\swfDShare.dll
2007-06-19 13:30 <DIR> d-------- C:\Program Files\WinSWF Extractor
2007-06-19 13:21 <DIR> d-------- C:\Program Files\Save Flash
2007-06-18 00:29 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\APPLIC~1\Viewpoint


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-18 05:07:19 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\MSN6
2007-07-16 04:04:31 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\Xfire
2007-07-16 03:56:14 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-15 05:54:25 -------- d-----w C:\Program Files\Blaze Media Pro
2007-07-06 21:04:08 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\gtk-2.0
2007-07-06 20:28:51 -------- d-----w C:\Program Files\Warcraft III
2007-07-03 05:09:07 -------- d-----w C:\Program Files\Norton AntiVirus
2007-07-03 05:09:05 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-07-03 05:00:21 -------- d-----w C:\Program Files\Symantec
2007-06-30 19:52:03 -------- d-s---w C:\Program Files\Xfire
2007-06-17 04:50:12 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\MSNInstaller
2007-06-15 19:56:09 -------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-06-14 05:38:24 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\Lavasoft
2007-06-14 03:27:36 -------- d-----w C:\Program Files\Windows Live Safety Center
2007-06-02 22:10:59 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\Apple Computer
2007-06-02 22:09:05 -------- d-----w C:\Program Files\QuickTime
2007-05-31 15:33:47 -------- d-----w C:\Program Files\Google
2007-05-23 01:08:04 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\MayaWebBrowser
2007-05-22 19:24:11 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\U3
2007-05-22 19:13:36 -------- d-----w C:\Program Files\Autodesk
2007-05-21 03:07:40 -------- d-----w C:\Program Files\Alias
2007-05-21 02:56:51 -------- d-----w C:\Program Files\Common Files\Alias Shared
2007-05-19 23:51:28 -------- d-----w C:\Program Files\WinISO
2007-05-18 23:21:55 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\muvee Technologies
2007-05-18 23:11:41 50 ----a-w C:\AUTOEXEC.BAT
2007-05-18 23:11:21 -------- d-----w C:\Program Files\muvee Technologies
2007-05-18 23:11:14 -------- d-----w C:\Program Files\Common Files\muvee Technologies
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-08 03:39:31 54,192 ----a-w C:\DOCUME~1\ALEXRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-05-05 23:11:56 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-05-05 04:55:09 305 ----a-w C:\WINDOWS\EReg515.dat
2007-04-30 00:41:53 6,424 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-30 00:41:49 88 --sh--r C:\WINDOWS\system32\9BCB845D0F.sys
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2006-06-28 05:48:06 17,904,496 ----a-w C:\Program Files\GoogleEarthWinProSetup.exe
2005-07-29 22:24:26 472 --sha-r C:\WINDOWS\QWxleCBSaWRlb3V0\kqU5yF1muql5vapX.vbs
2007-01-09 05:21:47 56 --sh--r C:\WINDOWS\system32\0F5D84CB9B.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-12-18 05:16 59032 --a------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AB43BC0-69F1-4F46-90F6-57B4E14AB434}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78510641-cdf7-44c6-a915-110ebf9d1f8b}]
2007-07-16 02:06 172032 --a------ C:\WINDOWS\system32\dbwogkj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-05-31 00:01 2554944 -ra------ c:\program files\google\googletoolbar1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2007-05-31 00:01 325048 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
2005-10-19 12:54 218736 --a------ C:\Program Files\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
2006-02-22 18:00 94208 --a------ c:\Program Files\BAE\BAE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 17:48]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 22:30 C:\WINDOWS\stsystra.exe]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 15:19]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"tgcmd"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-06-21 11:05]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-13 21:36]
"WheelMouse"="Amoumain.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-02-10 23:59]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 17:32]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-07-02 22:58]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2006-01-24 11:37]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-03 16:44]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"Sen"="C:\PROGRA~1\YMANTE~1\notepad.exe" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\WINDOWS\Web\Wallpaper\Azul.jpg
FriendlyName=

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^eCalendar.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\eCalendar.lnk
backup=C:\WINDOWS\pss\eCalendar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^Wallpaper Changer.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\Wallpaper Changer.lnk
backup=C:\WINDOWS\pss\Wallpaper Changer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWAS7_0001_N91M2703]
"C:\Program Files\poolsv\WinAntiSpyware2007FreeInstall.exe" -nag

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\poolsv]
"C:\WINDOWS\poolsv.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser]
"C:\Program Files\SpyEraser\SpyEraser.exe" -m

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebBuying]
C:\Program Files\Web Buying\v1.7.8\webbuying.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPop]
C:\Program Files\WinPop\winpop.exe


Contents of the 'Scheduled Tasks' folder
2006-07-31 20:33:45 C:\WINDOWS\tasks\Critical Battery Alarm Program.job
2006-09-07 03:33:04 C:\WINDOWS\tasks\Low Battery Alarm Program.job
2007-07-18 20:35:35 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-07-14 02:00:43 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Alex Rideout.job
2007-07-18 22:06:27 C:\WINDOWS\tasks\Time Only Knows (Shortened).job
2007-07-11 01:20:01 C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
2007-06-30 19:52:02 C:\WINDOWS\tasks\Uniblue SpyEraser.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-18 16:07:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\maya70docserver]
"ImagePath"="\"C:\Program Files\Alias\Maya7.0\docs\wrapper.exe\" -s \"C:\Program Files\Alias\Maya7.0\docs\Wrapper.conf\""

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\mple7docserver]
"ImagePath"="\"C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\wrapper.exe\" -s \"C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf\""

Completion time: 2007-07-18 16:08:59 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-18 16:08

--- E O F ---


AVG ANTISPYWARE:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:55:52 PM 7/18/2007

+ Scan result:



C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP430\A0048398.dll -> Adware.AdProtect : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053246.exe -> Adware.Agent : Error during cleaning.
HKLM\SOFTWARE\Classes\CLSID\{C65C3770-598C-A2FD-DBAA-C7A45C50338E} -> Adware.Generic : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053215.dll -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053216.dll -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0055296.exe -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056283.dll -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057353.exe -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057354.dll -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057489.exe -> Adware.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP406\A0040852.exe -> Adware.Rond : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP434\A0052625.exe -> Adware.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044597.exe -> Adware.SystemDoctor : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxyxwtr.dll.vir -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP422\A0044793.dll -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046245.exe/crack.exe -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046265.exe -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046266.exe -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057459.dll -> Adware.Virtumonde : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP409\A0041023.dll -> Adware.WebHancer : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP409\A0041024.exe -> Adware.WebHancer : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP416\A0041670.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044584.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044627.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP438\A0053210.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053217.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053218.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053219.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0054258.exe -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055259.exe -> Downloader.Agent.bls : Error during cleaning.
C:\WINDOWS\retadpu77.exe.tmp -> Downloader.Agent.bls : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP405\A0040734.exe -> Downloader.Agent.brf : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP428\A0048357.exe -> Downloader.Alphabet : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP428\A0048366.exe -> Downloader.Alphabet.c : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP433\A0049628.exe -> Downloader.Alphabet.f : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\mgrs.exe.vir -> Downloader.Alphabet.h : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057422.exe -> Downloader.Alphabet.h : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046245.exe/keygen.exe -> Downloader.LoadAdv : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046256.exe -> Downloader.LoadAdv : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044585.exe -> Downloader.PurityScan : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP405\A0040736.exe -> Downloader.PurityScan.eg : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP405\A0040779.exe -> Downloader.PurityScan.eg : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053243.exe -> Downloader.PurityScan.eg : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP405\A0040735.exe -> Downloader.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP406\A0040873.exe -> Downloader.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP410\A0041052.exe -> Downloader.Small.buy : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046257.exe -> Downloader.Small.eqn : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046258.exe -> Downloader.Small.eqn : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\aoftvipj.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\ccwespmv.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\igqwbnqs.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\jdnklhfn.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\jxpqhnbf.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\kvjcyutb.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\mbbmgdgg.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\pnmhtskq.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\pxibymum.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\skxxirui.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\tkkswlhc.exe.vir -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP421\A0044684.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057427.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057428.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057429.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057430.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057431.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057432.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057433.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057434.exe -> Downloader.Tiny.id : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057435.exe -> Downloader.Tiny.id : Error during cleaning.
C:\WINDOWS\system32\b02FdUe\b02FdUe1065.exe -> Downloader.VB.awj : Error during cleaning.
C:\WINDOWS\system32\b10FdUe\b10FdUe1099.exe -> Downloader.VB.awj : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP406\A0040804.exe -> Downloader.VB.aya : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP406\A0040874.exe -> Downloader.VB.aya : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP416\A0041671.exe -> Dropper.Agent.bfr : Error during cleaning.
C:\QooBox\Quarantine\C\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe~.vir -> Not-A-Virus.Downloader.Win32.WinFixer.x : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046164.exe -> Not-A-Virus.Downloader.Win32.WinFixer.x : Error during cleaning.
:mozilla.269:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.247realmedia : Error during cleaning.
:mozilla.173:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.174:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.175:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.176:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.177:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.178:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.219:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.220:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.319:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.346:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.388:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.392:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.419:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.441:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.459:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.494:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
:mozilla.513:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@electronicarts.112.2o7[1].txt -> TrackingCookie.2o7 : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@aavalue[2].txt -> TrackingCookie.Aavalue : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@arn.aavalue[1].txt -> TrackingCookie.Aavalue : Error during cleaning.
:mozilla.113:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.232:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.36:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.39:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.40:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.41:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.42:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.43:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.543:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
:mozilla.544:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@2.adbrite[2].txt -> TrackingCookie.Adbrite : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@3.adbrite[2].txt -> TrackingCookie.Adbrite : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Error during cleaning.
:mozilla.282:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adengage : Error during cleaning.
:mozilla.200:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.201:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.202:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.203:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.204:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.205:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
:mozilla.206:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@adrevolver[1].txt -> TrackingCookie.Adrevolver : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@advertising[1].txt -> TrackingCookie.Advertising : Error during cleaning.
:mozilla.151:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
:mozilla.70:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Atdmt : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@atdmt[2].txt -> TrackingCookie.Atdmt : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Error during cleaning.
:mozilla.314:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.682:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Burstnet : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@burstnet[1].txt -> TrackingCookie.Burstnet : Error during cleaning.
:mozilla.60:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.62:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.63:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.64:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Error during cleaning.
:mozilla.597:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickhype : Error during cleaning.
:mozilla.335:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Error during cleaning.
:mozilla.336:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Error during cleaning.
:mozilla.337:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Error during cleaning.
:mozilla.338:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Error during cleaning.
:mozilla.187:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.213:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Error during cleaning.
:mozilla.216:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Error during cleaning.
:mozilla.217:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Error during cleaning.
:mozilla.218:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Error during cleaning.
:mozilla.150:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
:mozilla.27:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Doubleclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@doubleclick[1].txt -> TrackingCookie.Doubleclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@enhance[1].txt -> TrackingCookie.Enhance : Error during cleaning.
:mozilla.355:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Esomniture : Error during cleaning.
:mozilla.284:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.285:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.286:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Error during cleaning.
:mozilla.140:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.141:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.142:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.145:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.146:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.147:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
:mozilla.148:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@fastclick[1].txt -> TrackingCookie.Fastclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@findwhat[1].txt -> TrackingCookie.Findwhat : Error during cleaning.
:mozilla.689:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Googleadservices : Error during cleaning.
:mozilla.385:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Hotlog : Error during cleaning.
:mozilla.47:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
:mozilla.48:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Imrworldwide : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@searchportal.information[1].txt -> TrackingCookie.Information : Error during cleaning.
:mozilla.655:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.656:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.657:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Error during cleaning.
:mozilla.621:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Masterstats : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@image.masterstats[1].txt -> TrackingCookie.Masterstats : Error during cleaning.
:mozilla.28:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.29:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Mediaplex : Error during cleaning.
:mozilla.7:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Netflame : Error during cleaning.
:mozilla.8:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Netflame : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Error during cleaning.
:mozilla.464:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Overture : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@overture[2].txt -> TrackingCookie.Overture : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@perf.overture[1].txt -> TrackingCookie.Overture : Error during cleaning.
:mozilla.700:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Paypal : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@www.paypal[1].txt -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.287:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.288:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.289:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
:mozilla.290:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@pro-market[2].txt -> TrackingCookie.Pro-market : Error during cleaning.
:mozilla.478:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.479:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Questionmarket : Error during cleaning.
:mozilla.490:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.491:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.492:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.493:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@realmedia[2].txt -> TrackingCookie.Realmedia : Error during cleaning.
:mozilla.263:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Error during cleaning.
:mozilla.264:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Error during cleaning.
:mozilla.265:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Error during cleaning.
:mozilla.266:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Error during cleaning.
:mozilla.267:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Error during cleaning.
:mozilla.191:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.192:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.193:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.194:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.195:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.196:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@revsci[2].txt -> TrackingCookie.Revsci : Error during cleaning.
:mozilla.356:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Ru4 : Error during cleaning.
:mozilla.313:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.504:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.505:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.506:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.507:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.508:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Error during cleaning.
:mozilla.712:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.713:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.714:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.128:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.129:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.130:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.131:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.132:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.133:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.134:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.135:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.136:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.137:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.138:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.139:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@specificclick[2].txt -> TrackingCookie.Specificclick : Error during cleaning.
:mozilla.78:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.80:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.81:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.82:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.84:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.85:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.86:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
:mozilla.87:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@tacoda[2].txt -> TrackingCookie.Tacoda : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Error during cleaning.
:mozilla.240:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.241:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.242:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.243:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.244:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.245:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.246:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.247:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Error during cleaning.
:mozilla.572:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafic : Error during cleaning.
:mozilla.83:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.89:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tribalfusion : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Error during cleaning.
:mozilla.625:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Webtrends : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@m.webtrends[2].txt -> TrackingCookie.Webtrends : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@yadro[1].txt -> TrackingCookie.Yadro : Error during cleaning.
:mozilla.121:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.122:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.123:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.124:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
:mozilla.125:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@zedo[2].txt -> TrackingCookie.Zedo : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP419\A0044628.exe -> Trojan.Agent.aoy : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP420\A0044645.exe -> Trojan.Agent.aoy : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046270.exe -> Trojan.BHO.bj : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dex.class -> Trojan.ClassLoader.g : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dix.class -> Trojan.ClassLoader.g : Error during cleaning.
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dux.class -> Trojan.ClassLoader.g : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\syswin.exe.vir -> Trojan.Small : Error during cleaning.
C:\QooBox\Quarantine\C\WINDOWS\system32\wnsapiit.exe.vir -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP405\A0040775.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP410\A0041049.vbs -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP412\A0041457.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP433\A0050624.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP436\A0052697.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP436\A0052724.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP438\A0053156.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP440\A0053261.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0054266.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0055255.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055293.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055295.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0055297.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056293.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056327.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP444\A0057339.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP444\A0057352.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057396.exe -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057424.exe -> Trojan.Small : Error during cleaning.
C:\WINDOWS\QWxleCBSaWRlb3V0\kqU5yF1muql5vapX.vbs -> Trojan.Small : Error during cleaning.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP406\A0040851.exe -> Trojan.Small.oa : Error during cleaning.


::Report end

Also, I don't know if it appears in these logs, but I found a file in program files labeled poolsv, and knowing that it was a virus, I deleted it. This file was also set to run at system startup and so I also unchecked it so it would not open upon restart.

Thank you again,
~AJR3

#6 YounGun

YounGun

    The malware-fighting kid


  • Members
  • 244 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania, Bucharest
  • Local time:11:33 PM

Posted 19 July 2007 - 02:33 AM

Boot into Safe Mode and perform the AVG scan as instructed above. Make sure you have the actions set to "Quarantine"

#7 AJR3

AJR3
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 20 July 2007 - 01:24 PM

Hi YounGun,

Even though I set it to quarantine all items, when the scan completed, it showed that some of the items where going to be deleted (all the tracking cookies). When I clicked on the thing that tells what action will be performed on that object, a list comes up that says "quarantine, Delete, Ignore..." though the quarantine option is grayed out and I can't select it. Some of the things could not be quarantined because they were imbedded in an archive. One of these items was in the Java Archive and I decided I probably shouldn't mess with it...

Here is the AVG AntiSpyware log:


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:08:47 PM 7/20/2007

+ Scan result:



C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP430\A0048398.dll -> Adware.AdProtect : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053246.exe -> Adware.Agent : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{C65C3770-598C-A2FD-DBAA-C7A45C50338E} -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053215.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053216.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0055296.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056283.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057353.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057354.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057489.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP434\A0052625.exe -> Adware.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044597.exe -> Adware.SystemDoctor : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\xxyxwtr.dll.vir -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP422\A0044793.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046245.exe/crack.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046265.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046266.exe -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057459.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP409\A0041023.dll -> Adware.WebHancer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP409\A0041024.exe -> Adware.WebHancer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP416\A0041670.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044584.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044627.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP438\A0053210.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053217.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053218.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053219.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0054258.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055259.exe -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\WINDOWS\retadpu77.exe.tmp -> Downloader.Agent.bls : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP428\A0048357.exe -> Downloader.Alphabet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP428\A0048366.exe -> Downloader.Alphabet.c : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP433\A0049628.exe -> Downloader.Alphabet.f : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\mgrs.exe.vir -> Downloader.Alphabet.h : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057422.exe -> Downloader.Alphabet.h : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046245.exe/keygen.exe -> Downloader.LoadAdv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046256.exe -> Downloader.LoadAdv : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP418\A0044585.exe -> Downloader.PurityScan : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP439\A0053243.exe -> Downloader.PurityScan.eg : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP410\A0041052.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046257.exe -> Downloader.Small.eqn : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046258.exe -> Downloader.Small.eqn : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\aoftvipj.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\ccwespmv.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\igqwbnqs.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\jdnklhfn.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\jxpqhnbf.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\kvjcyutb.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\mbbmgdgg.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\pnmhtskq.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\pxibymum.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\skxxirui.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\tkkswlhc.exe.vir -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP421\A0044684.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057427.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057428.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057429.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057430.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057431.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057432.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057433.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057434.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057435.exe -> Downloader.Tiny.id : Cleaned with backup (quarantined).
C:\WINDOWS\system32\b02FdUe\b02FdUe1065.exe -> Downloader.VB.awj : Cleaned with backup (quarantined).
C:\WINDOWS\system32\b10FdUe\b10FdUe1099.exe -> Downloader.VB.awj : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP416\A0041671.exe -> Dropper.Agent.bfr : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe~.vir -> Not-A-Virus.Downloader.Win32.WinFixer.x : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046164.exe -> Not-A-Virus.Downloader.Win32.WinFixer.x : Cleaned with backup (quarantined).
:mozilla.591:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.171:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.172:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.179:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.180:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.181:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.182:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.183:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.184:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.185:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.186:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.369:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.521:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.544:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.632:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.659:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.701:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.705:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.727:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.762:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.776:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.790:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@electronicarts.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@pch.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@arn.aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.169:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.36:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.37:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.52:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.555:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.69:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.70:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.71:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.72:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.73:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.74:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.75:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.820:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.821:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@2.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@3.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.604:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.241:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.243:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adobe : Cleaned.
:mozilla.280:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.281:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.282:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.283:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.284:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.285:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.286:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.383:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.133:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.518:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.134:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.212:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.627:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.929:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.465:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.467:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.468:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.469:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.244:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.864:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.648:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.649:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.650:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.651:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.529:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.92:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.95:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.96:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.97:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.517:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.99:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
:mozilla.668:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.606:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.607:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.608:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.359:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.360:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.361:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.362:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.363:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.364:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.365:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.366:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.152:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.935:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.238:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.698:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.310:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.311:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned.
:mozilla.188:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.189:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.190:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.163:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.167:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.168:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.905:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.906:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.877:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.434:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.435:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.448:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.449:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.147:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.208:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.209:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.210:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.211:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@pro-market[2].txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.353:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.355:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.378:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.379:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.380:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.381:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.382:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.585:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.586:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.587:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.588:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.589:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.533:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.534:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.535:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.536:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.537:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.538:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.669:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.344:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.345:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.346:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.347:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.348:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.349:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.439:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.440:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.443:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.444:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.445:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.446:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.509:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.510:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.511:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.512:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.513:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.124:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.126:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.420:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.421:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.422:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.423:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.424:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.482:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.484:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.563:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.564:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.565:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.566:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.567:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.568:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.569:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.570:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.843:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.135:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.136:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.296:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.100:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.101:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.103:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.104:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.105:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.106:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.107:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.386:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.387:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.388:C:\Documents and Settings\Alex Rideout\Application Data\Mozilla\Firefox\Profiles\yiwe2y9j.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Alex Rideout\Cookies\alex_rideout@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP419\A0044628.exe -> Trojan.Agent.aoy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP420\A0044645.exe -> Trojan.Agent.aoy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP423\A0046270.exe -> Trojan.BHO.bj : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dex.class -> Trojan.ClassLoader.g : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dix.class -> Trojan.ClassLoader.g : Cleaned with backup (quarantined).
C:\Documents and Settings\Alex Rideout\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-997dd73-139ff419.zip/Dux.class -> Trojan.ClassLoader.g : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\syswin.exe.vir -> Trojan.Small : Cleaned with backup (quarantined).
C:\QooBox\Quarantine\C\WINDOWS\system32\wnsapiit.exe.vir -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP410\A0041049.vbs -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP412\A0041457.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP433\A0050624.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP436\A0052697.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP436\A0052724.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP438\A0053156.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP440\A0053261.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0054266.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP441\A0055255.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055293.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP442\A0055295.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0055297.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056293.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP443\A0056327.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP444\A0057339.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP444\A0057352.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057396.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP445\A0057424.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\QWxleCBSaWRlb3V0\kqU5yF1muql5vapX.vbs -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

Thank you for all your help,
~AJR3


I am leaving tomorrow (June 21) at about 8:00 AM USA Mountain time, and will be gone until August 4, so I won't reply for quite a while.

#8 YounGun

YounGun

    The malware-fighting kid


  • Members
  • 244 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania, Bucharest
  • Local time:11:33 PM

Posted 21 July 2007 - 02:25 PM

Ok, have a wonderful time :thumbsup:

Please reply to this thread when you get back

#9 AJR3

AJR3
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 04 August 2007 - 11:52 PM

Thank you, I did have a great time. :thumbsup: I got to see my grandparents and went to the beach and saw the USS Constitution as well as a variety of other things. I am back now and thanks for waiting

~AJR3

#10 YounGun

YounGun

    The malware-fighting kid


  • Members
  • 244 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania, Bucharest
  • Local time:11:33 PM

Posted 08 August 2007 - 08:50 AM

Great :thumbsup: Please run combofix again and post the log. Also do a new hijackthis log and post it.

#11 AJR3

AJR3
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Location:Colorado, USA
  • Local time:05:33 PM

Posted 03 September 2007 - 07:33 PM

Hi YounGun, sorry that it has been so long for me to reply... to tell the truth, I actually almost completely forgot about this. (Not sure if it is worth noting, but I have recently obtained a 250 GB external Hard Drive and it is plugged into my computer now...)

well, here is the ComboFix log:

"Alex Rideout" - 2007-09-03 15:55:22 - ComboFix 07-07-14.6 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-08-03 to 2007-09-03 )))))))))))))))))))))))))))))))


2007-08-29 07:00 <DIR> d-------- C:\WINDOWS\LastGood
2007-08-14 13:42 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
2007-08-14 13:42 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2007-08-13 20:50 <DIR> d-------- C:\Video Recordings
2007-08-13 20:21 <DIR> d-------- C:\DOCUME~1\ALEXRI~1\APPLIC~1\FastStone
2007-08-10 03:47 <DIR> d-------- C:\Program Files\Microsoft Kids
2007-08-08 23:49 <DIR> d-------- C:\Program Files\YouTube Downloader


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-09-01 00:34:14 -------- d-----w C:\Program Files\Blaze Media Pro
2007-08-31 23:24:52 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\MSN6
2007-08-31 02:31:04 -------- d-----w C:\Program Files\Warcraft III
2007-08-25 21:59:29 -------- d-----w C:\Program Files\Google
2007-08-25 15:20:54 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\gtk-2.0
2007-08-08 16:20:30 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-31 01:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-31 01:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 01:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 01:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 01:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-31 01:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-31 01:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 01:19:10 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-07-31 01:19:04 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
2007-07-31 01:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-20 06:03:44 -------- d-----w C:\Program Files\Trapcode
2007-07-20 05:43:57 -------- d-----w C:\Program Files\Bonjour
2007-07-20 05:33:24 -------- d-----w C:\Program Files\Common Files\Macrovision Shared
2007-07-18 06:30:39 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\Opera
2007-07-17 04:59:37 -------- d-----w C:\Program Files\Trend Micro
2007-07-16 08:06:55 172,032 ----a-w C:\WINDOWS\system32\dbwogkj.dll
2007-07-16 04:04:31 -------- d-----w C:\DOCUME~1\ALEXRI~1\APPLIC~1\Xfire
2007-07-12 00:00:38 0 ----a-w C:\WINDOWS\system32\ntdeiaak.dll
2007-07-05 07:43:19 0 ----a-w C:\WINDOWS\system32\akqjpffc.dll
2007-07-03 05:09:07 -------- d-----w C:\Program Files\Norton AntiVirus
2007-07-03 05:09:05 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-07-03 05:00:21 -------- d-----w C:\Program Files\Symantec
2007-07-03 04:58:57 -------- d-----w C:\Program Files\SymNetDrv
2007-06-27 23:52:05 0 ----a-w C:\WINDOWS\system32\wiinqpmr.exe
2007-06-26 06:08:16 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
2007-06-19 19:30:58 55 ----a-w C:\WINDOWS\system32\swfDShare.dll
2007-06-19 13:31:19 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-06-17 06:11:58 51,200 ----a-w C:\WINDOWS\nircmd.exe
2007-06-13 10:23:07 1,033,216 ----a-w C:\WINDOWS\explorer.exe
2007-05-08 03:39:31 54,192 ----a-w C:\DOCUME~1\ALEXRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
2006-06-28 05:48:06 17,904,496 ----a-w C:\Program Files\GoogleEarthWinProSetup.exe
2007-01-09 05:21:47 56 --sh--r C:\WINDOWS\system32\0F5D84CB9B.sys
2007-04-30 00:41:49 88 --sh--r C:\WINDOWS\system32\9BCB845D0F.sys
2007-04-30 00:41:53 6,424 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AB43BC0-69F1-4F46-90F6-57B4E14AB434}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78510641-cdf7-44c6-a915-110ebf9d1f8b}]
2007-07-16 02:06 172032 --a------ C:\WINDOWS\system32\dbwogkj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-05-31 00:01 2554944 -ra------ c:\program files\google\googletoolbar1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2007-08-18 21:44 654832 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
2005-10-19 12:54 218736 --a------ C:\Program Files\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
2006-02-22 18:00 94208 --a------ c:\Program Files\BAE\BAE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 17:48]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 22:30 C:\WINDOWS\stsystra.exe]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 15:19]
"ISUSPM Startup"="c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"tgcmd"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-06-21 11:05]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-13 21:36]
"WheelMouse"="Amoumain.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-02-10 23:59]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 17:32]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-07-02 22:58]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2006-01-24 11:37]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-03 16:44]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 21:05]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\WINDOWS\Web\Wallpaper\Azul.jpg
FriendlyName=

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^eCalendar.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\eCalendar.lnk
backup=C:\WINDOWS\pss\eCalendar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^Wallpaper Changer.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\Wallpaper Changer.lnk
backup=C:\WINDOWS\pss\Wallpaper Changer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex Rideout^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Alex Rideout\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWAS7_0001_N91M2703]
"C:\Program Files\poolsv\WinAntiSpyware2007FreeInstall.exe" -nag

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\poolsv]
"C:\WINDOWS\poolsv.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser]
"C:\Program Files\SpyEraser\SpyEraser.exe" -m

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebBuying]
C:\Program Files\Web Buying\v1.7.8\webbuying.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPop]
C:\Program Files\WinPop\winpop.exe


Contents of the 'Scheduled Tasks' folder
2006-07-31 20:33:45 C:\WINDOWS\tasks\Critical Battery Alarm Program.job
2006-09-07 03:33:04 C:\WINDOWS\tasks\Low Battery Alarm Program.job
2007-09-03 00:20:13 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-09-01 04:08:05 C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Alex Rideout.job
2007-08-29 01:39:15 C:\WINDOWS\tasks\Time Only Knows (Shortened).job
2007-08-30 01:20:00 C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
2007-06-30 19:52:02 C:\WINDOWS\tasks\Uniblue SpyEraser.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-03 15:59:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\maya70docserver]
"ImagePath"="\"C:\Program Files\Alias\Maya7.0\docs\wrapper.exe\" -s \"C:\Program Files\Alias\Maya7.0\docs\Wrapper.conf\""

[HKEY_LOCAL_MACHINE\system\ControlSet004\Services\mple7docserver]
"ImagePath"="\"C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\wrapper.exe\" -s \"C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf\""

Completion time: 2007-09-03 16:00:47
C:\ComboFix-quarantined-files.txt ... 2007-09-03 16:00
C:\ComboFix2.txt ... 2007-07-18 16:08

--- E O F ---




...and the HijakThis log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:31:29 PM, on 9/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE
C:\Program Files\MSN\MSNCoreFiles\MSN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5AB43BC0-69F1-4F46-90F6-57B4E14AB434} - \
O2 - BHO: (no name) - {78510641-cdf7-44c6-a915-110ebf9d1f8b} - C:\WINDOWS\system32\dbwogkj.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1181936111500
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Program Files\Alias\Maya7.0\docs\wrapper.exe (file missing)
O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\MAYA\Maya 7.0 Personal Learning Edition\docs\wrapper.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE (file missing)
O24 - Desktop Component 0: (no name) - C:\WINDOWS\Web\Wallpaper\Azul.jpg

--
End of file - 9743 bytes



Once again, sorry to have not gotten back to you for so long (about a month?)

Thank you for your help,
~AJR3




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users