Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hjt Log: Massive Slowdown And Mysterious Installer


  • Please log in to reply
7 replies to this topic

#1 Kaidyn

Kaidyn

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:37 AM

Posted 26 August 2007 - 02:53 PM

My computer is going much slower than usual.

Also whenever Windows starts (when I start the computer, when I log onto a different account) a Windows Installer for "InstantShare" pops-up, and when you attempt to "x" it off, it starts up about 73 processes until you control alt del it.

Here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:52:13 PM, on 8/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\utilman.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\explorer.exe
C:\Marvel\Puppies.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.java.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6218 bytes

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:08:37 AM

Posted 03 September 2007 - 10:52 AM

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Kaidyn :flowers:
My name is Richie and i'll be helping you to fix your problems.

Apologies for the late reply :thumbsup:
If you still require help,please post a new Hijackthis log into your next reply.
Posted Image
Posted Image

#3 Kaidyn

Kaidyn
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:37 AM

Posted 03 September 2007 - 12:32 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:35 PM, on 9/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\progra~1\azureus\Azureus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe
C:\WINDOWS\system32\msiexec.exe
C:\Marvel\Puppies.exe
C:\WINDOWS\system32\MsiExec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.java.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\RealMedia\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5826 bytes

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:08:37 AM

Posted 03 September 2007 - 01:29 PM

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".
This will change from what we know in 2006 read this article:
http://www.clickz.com/news/article.php/3561546

You are well advised to remove the program now.
Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present,then restart your pc:
Viewpoint
Viewpoint Manager
Viewpoint Media Player


Download Combofix and save to your desktop:
Note:
It is important that it is saved directly to your desktop

Close any open browsers.
Double click on combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window while it's running.
That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

Also post a new Hijackthis log please.
Posted Image
Posted Image

#5 Kaidyn

Kaidyn
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:37 AM

Posted 03 September 2007 - 02:20 PM

New HiJack this log first, because I did it later:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:17:39 PM, on 9/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Marvel\Puppies.exe
C:\WINDOWS\system32\MsiExec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.java.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\RealMedia\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5591 bytes

ComboFix Log
ComboFix 07-09-04.2 - "Parents" 2007-09-03 14:59:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.519 [GMT -4:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\qmdispatch.dll


((((((((((((((((((((((((( Files Created from 2007-08-04 to 2007-09-04 )))))))))))))))))))))))))))))))


2007-09-04 15:10 <DIR> d--hs---- C:\found.000
2007-09-03 14:58 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-08-27 00:26 <DIR> d-------- C:\Program Files\Zoom Player
2007-08-26 15:18 <DIR> d-------- C:\Program Files\ToniArts
2007-08-19 02:20 <DIR> d-------- C:\Program Files\Lionhead Studios Ltd
2007-08-19 02:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lionhead Studios
2007-08-11 19:09 <DIR> d-------- C:\binds
2007-08-11 19:08 <DIR> d-------- C:\Program Files\HeroStats
2007-08-06 20:00 <DIR> d-------- C:\DOCUME~1\PARENT~1\APPLIC~1\Webcammax
2007-08-06 14:52 <DIR> d-------- C:\DOCUME~1\Parents\APPLIC~1\Webcammax
2007-08-06 14:51 <DIR> d-------- C:\Program Files\WebcamMax
2007-08-06 14:37 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2007-08-06 14:37 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-08-06 14:37 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
2007-08-06 14:37 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-08-06 14:35 31,872 --a------ C:\WINDOWS\system32\drivers\superwebcam.sys
2007-08-05 17:16 <DIR> d-------- C:\Program Files\City of Heroes
2007-08-05 15:45 <DIR> d-------- C:\Program Files\NCSoft
2007-08-05 14:46 <DIR> d-------- C:\Program Files\Dungeon Runners
2007-08-05 14:46 <DIR> d-------- C:\DOCUME~1\Parents\APPLIC~1\GetRightToGo
2007-08-04 01:17 511 --a------ C:\WINDOWS\eReg.dat
2007-08-04 01:15 <DIR> d-------- C:\Program Files\Irrational Games
2007-08-04 01:12 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-08-04 01:08 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-09-03 14:49 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\Azureus
2007-09-03 14:48 --------- d-------- C:\Program Files\Viewpoint
2007-09-03 14:48 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
2007-08-28 02:43 --------- d-------- C:\Program Files\Azureus
2007-08-27 20:52 --------- d-------- C:\Program Files\Google
2007-08-27 00:28 --------- d-------- C:\Program Files\RealMedia
2007-08-27 00:27 --------- d-------- C:\Program Files\ffdshow
2007-08-26 15:24 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-26 15:03 --------- d-------- C:\Program Files\MegauploadToolbar
2007-08-19 11:52 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\OpenOffice.org2
2007-08-19 02:31 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\Lionhead Studios
2007-08-14 03:04 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\MegauploadToolbar
2007-08-05 00:58 --------- d-------- C:\Program Files\Defcon
2007-08-03 23:32 --------- d-------- C:\Program Files\Diablo II
2007-08-03 23:31 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-29 02:09 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\Megaupload
2007-07-29 02:08 --------- d-------- C:\Program Files\Megaupload
2007-07-20 19:07 --------- d-------- C:\Program Files\Watanabe-Production and TYPE-MOON
2007-07-17 12:49 --------- d-------- C:\DOCUME~1\Guest\APPLIC~1\Talkback
2007-07-17 12:48 --------- d-------- C:\DOCUME~1\Guest\APPLIC~1\Real
2007-07-06 08:47 --------- d-------- C:\Program Files\QMacro
2007-07-06 04:02 --------- d-------- C:\DOCUME~1\Parents\APPLIC~1\Xfire
2007-07-05 20:15 --------- d-------- C:\Program Files\CDisplay
2007-07-05 02:47 --------- d-------- C:\Program Files\ReferenceManual
2007-07-01 18:06 21840 --a------ C:\WINDOWS\system32\SIntfNT.dll
2007-07-01 18:06 17212 --a------ C:\WINDOWS\system32\SIntf32.dll
2007-07-01 18:06 12067 --a------ C:\WINDOWS\system32\SIntf16.dll
2007-07-01 17:45 94208 --a------ C:\WINDOWS\DIIUnin.exe
2007-07-01 17:45 2829 --a------ C:\WINDOWS\DIIUnin.pif
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 09:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 15:29]
"nwiz"="nwiz.exe" [2006-03-09 15:29 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 15:29]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-08-16 09:53]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 06:28]
"HPHUPD06"="C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 00:53]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 00:42]
"TkBellExe"="C:\Program Files\RealMedia\Update_OB\realsched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 13:48]
"Aim6"="" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\digital imaging\bin\hpqtra08.exe [2004-05-28 22:31:38]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\digital imaging\bin\hpqthb08.exe [2004-05-28 23:06:36]
NkvMon.exe.lnk - C:\Program Files\Nikon\NkView6\NkvMon.exe [2006-11-18 17:57:18]

C:\DOCUME~1\PARENT~1\STARTM~1\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2006-10-19 22:06:43]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys
S3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;C:\WINDOWS\system32\DRIVERS\superwebcam.sys
S3 WINIO;WINIO;\??\C:\Program Files\QMacro\winio.sys


Contents of the 'Scheduled Tasks' folder
2007-08-29 23:51:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
2007-09-03 17:56:00 C:\WINDOWS\Tasks\HP Usg Daily FY04.job - C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-04 15:12:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-09-04 15:15:47 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-04 15:15

--- E O F ---

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:08:37 AM

Posted 03 September 2007 - 02:34 PM

Make sure all hidden files are showing:
* Click 'Start'.
* Open 'My Computer'.
* Select the 'Tools' menu and click 'Folder Options'.
* Select the 'View' tab.
* Under the 'Hidden files and folders' heading select 'Show hidden files and folders'.
* Uncheck the 'Hide file extensions for known types' option.
* Uncheck the 'Hide protected operating system files (recommended)' option.
* Click Yes to confirm.
* Click OK.

Find and delete:
C:\Program Files\Viewpoint
C:\Documents and Settings\All Users\Application Data\Viewpoint

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
O3 - Toolbar: (no name) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - (no file)


Download and install CCleaner:
http://www.ccleaner.com/download/builds/downloading-slim

Set Options in CCleaner and run Cleaning Scan.
Open CCleaner if it's not already running.
*Note*
Do not use the Issues block to clean anything with this program.
It is for experts only and it is risky.

Select Cleaner Settings.
Check Internet Explorer, Windows Explorer, and System so that all items are checked.
In the Advanced section,have a check only on Old PreFetch Data.

Click on the Options block on the left.
Select Advanced.
Uncheck "Only delete files in Windows Temp folders older than 48 hours".

Set Cookie Retention.
Click on the Options block on the left, then choose Cookies.
Under the Cookies to delete pane, highlight any cookies you would like to retain permanently (those companies or sites with which you regularly visit or do business), and click the right arrow > to move them to the Cookies to keep pane.

Run Cleaning Scan.
Click on the Cleaner block on the left.
Choose the Windows tab.
Click the Run Cleaner button.
This process could take a while.
When CCleaner shows how much has been removed,cleaning is finished.


Your version of Sun Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Sun Java,and then update.
1. Download the latest version of Java Runtime Environment (JRE)
2. Scroll down to where it says 'Java Runtime Environment (JRE) 6u2'.
3. Click the "Download" button to the right.
4. Check the box that says: "Accept License Agreement".
5. The page will refresh.
6. Click on the link to download 'Windows Offline Installation, Multi-language' and save to your desktop.
7. Close any programs you may have running - especially your web browser.
8. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
10. Click the Change/Remove button.
11. Repeat as many times as necessary to remove each Java versions.
12. Reboot your computer once all Java components are removed.
13. Then from your desktop double-click on jre-6u2-windows-i586-p.exe to install the newest version.


Download the trial version of Spy Sweeper:
http://www.webroot.com/shoppingcart/tryme....&vcode=DT14

Install it using the Standard Install option.
You will be asked for your e-mail address,it's safe to give it.
If you receive alerts from your firewall,allow all activities for Spy Sweeper.

You will be prompted to check for updated definitions,please do so,this may take several minutes so please be patient.

Once the updates have been installed,click on 'Options' and check/enable 'Full Sweep [Reccommended]'.
Click on 'Sweep',then 'Start Full Sweep' and allow it to fully scan your system.

When the sweep has finished,click 'Select All' and then click 'Quarantine Selected'.
Under the 'Summary' tab, select 'View Session Log'.
Click 'Save to File' and save the log to your desktop.

Exit Spy Sweeper.
Restart your pc,then copy and paste the SpySweeper log into your next reply.

Also post a new Hijackthis log.
Let me know how your pc is running now please.
Posted Image
Posted Image

#7 Kaidyn

Kaidyn
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:37 AM

Posted 03 September 2007 - 10:12 PM

Ok, the computer seems to be running and starting up faster now.

However, that Windows Installer for "InstantShare" is still popping up when I log into my name.
My father said it didn't happen to him for the first time after I got about halfway through this step (I then had to go to work), but it's still happening on my account, so I don't know if that's pertinent information or not.

Spy Sweeper
11:01 PM: Removal process completed. Elapsed time 00:00:32
11:01 PM: Quarantining All Traces: tripod cookie
11:01 PM: Quarantining All Traces: apmebf cookie
11:01 PM: Quarantining All Traces: military cookie
11:01 PM: Quarantining All Traces: 7search cookie
11:01 PM: Quarantining All Traces: trb.com cookie
11:01 PM: Quarantining All Traces: freestats.net cookie
11:01 PM: Quarantining All Traces: rambler cookie
11:01 PM: Quarantining All Traces: pro-market cookie
11:01 PM: Quarantining All Traces: about cookie
11:01 PM: Quarantining All Traces: toplist cookie
11:01 PM: Quarantining All Traces: goclick cookie
11:01 PM: Quarantining All Traces: upspiral cookie
11:01 PM: Quarantining All Traces: angelfire cookie
11:01 PM: Quarantining All Traces: imrworldwide.com cookie
11:01 PM: Quarantining All Traces: onestat.com cookie
11:01 PM: Quarantining All Traces: specificclick.com cookie
11:01 PM: Quarantining All Traces: sexlist cookie
11:01 PM: Quarantining All Traces: ccbill cookie
11:01 PM: Quarantining All Traces: danni cookie
11:01 PM: Quarantining All Traces: clickzs cookie
11:01 PM: Quarantining All Traces: kinghost cookie
11:01 PM: Quarantining All Traces: adbureau cookie
11:01 PM: Quarantining All Traces: belnk cookie
11:01 PM: Quarantining All Traces: revenue.net cookie
11:01 PM: Quarantining All Traces: valuead cookie
11:01 PM: Quarantining All Traces: fortunecity cookie
11:01 PM: Quarantining All Traces: adknowledge cookie
11:01 PM: Quarantining All Traces: realmedia cookie
11:01 PM: Quarantining All Traces: 247realmedia cookie
11:01 PM: Quarantining All Traces: maxserving cookie
11:01 PM: Quarantining All Traces: gamespy cookie
11:01 PM: Quarantining All Traces: infospace cookie
11:01 PM: Quarantining All Traces: tribalfusion cookie
11:01 PM: Quarantining All Traces: tacoda cookie
11:01 PM: Quarantining All Traces: websponsors cookie
11:01 PM: Quarantining All Traces: adecn cookie
11:01 PM: Quarantining All Traces: askmen cookie
11:01 PM: Quarantining All Traces: paycounter cookie
11:01 PM: Quarantining All Traces: adrevolver cookie
11:01 PM: Quarantining All Traces: domainsponsor cookie
11:01 PM: Quarantining All Traces: casalemedia cookie
11:01 PM: Quarantining All Traces: burstnet cookie
11:01 PM: Quarantining All Traces: burstbeacon cookie
11:01 PM: Quarantining All Traces: trafficmp cookie
11:01 PM: Quarantining All Traces: yieldmanager cookie
11:01 PM: Quarantining All Traces: servedby advertising cookie
11:01 PM: Quarantining All Traces: bs.serving-sys cookie
11:01 PM: Quarantining All Traces: 888 cookie
11:01 PM: Quarantining All Traces: bluestreak cookie
11:01 PM: Quarantining All Traces: partypoker cookie
11:01 PM: Quarantining All Traces: screensavers.com cookie
11:01 PM: Quarantining All Traces: sb01 cookie
11:01 PM: Quarantining All Traces: imlive.com cookie
11:01 PM: Quarantining All Traces: azjmp cookie
11:01 PM: Quarantining All Traces: falkag cookie
11:01 PM: Quarantining All Traces: overture cookie
11:01 PM: Quarantining All Traces: epilot cookie
11:01 PM: Quarantining All Traces: findwhat cookie
11:01 PM: Quarantining All Traces: enhance cookie
11:01 PM: Quarantining All Traces: statcounter cookie
11:01 PM: Quarantining All Traces: tickle cookie
11:01 PM: Quarantining All Traces: ru4 cookie
11:01 PM: Quarantining All Traces: serving-sys cookie
11:01 PM: Quarantining All Traces: linksynergy cookie
11:01 PM: Quarantining All Traces: pointroll cookie
11:01 PM: Quarantining All Traces: 2o7.net cookie
11:01 PM: Quarantining All Traces: zedo cookie
11:01 PM: Quarantining All Traces: webtrendslive cookie
11:01 PM: Quarantining All Traces: questionmarket cookie
11:01 PM: Quarantining All Traces: mediaplex cookie
11:01 PM: Quarantining All Traces: atwola cookie
11:01 PM: Quarantining All Traces: atlas dmt cookie
11:01 PM: Quarantining All Traces: advertising cookie
11:01 PM: Removal process initiated
11:00 PM: Traces Found: 407
11:00 PM: Full Sweep has completed. Elapsed time 00:23:40
11:00 PM: File Sweep Complete, Elapsed Time: 00:20:18
10:54 PM: Warning: TCompressedFile.GetStreams(1): Stream read error
10:54 PM: Warning: SweepDirectories: Cannot find directory "g:". This directory was not added to the list of paths to be scanned.
10:54 PM: Warning: SweepDirectories: Cannot find directory "f:". This directory was not added to the list of paths to be scanned.
10:54 PM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms86628600-e8b4-424a-8d07-d13194097905.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsd22fd31d-e71b-4c5d-9138-fa2962cdc06d.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms270c294d-1b9c-4b03-a4b1-46c10e0116cb.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms06aa4fee-3dfc-4749-a5b2-ea3296a33862.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsf0901c73-724f-43b3-944d-678bd47ed510.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsfaa1c10f-fbde-43f5-8c6a-2371c9902b0c.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms8a25a80e-7d9f-43ef-a451-65718c887c95.tmp". The operation completed successfully
10:52 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsab904143-7ff2-4c60-92a6-8a30ce6d8914.tmp". The operation completed successfully
10:49 PM: Warning: Failed to read file "c:\documents and settings\parents\local settings\temp\perflib_perfdata_bcc.dat". "c:\documents and settings\parents\local settings\temp\perflib_perfdata_bcc.dat": File not found
10:40 PM: Starting File Sweep
10:40 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
10:40 PM: Cookie Sweep Complete, Elapsed Time: 00:00:03
10:40 PM: C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\ns6rdhme.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\ns6rdhme.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents\Application Data\Mozilla\Firefox\Profiles\ns6rdhme.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3591)
10:40 PM: Found Spy Cookie: tripod cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2229)
10:40 PM: Found Spy Cookie: apmebf cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2997)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2996)
10:40 PM: Found Spy Cookie: military cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2011)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2011)
10:40 PM: Found Spy Cookie: 7search cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3587)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3587)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3587)
10:40 PM: Found Spy Cookie: trb.com cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2686)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3269)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3269)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2705)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2705)
10:40 PM: Found Spy Cookie: freestats.net cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3225)
10:40 PM: Found Spy Cookie: rambler cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6442)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6442)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3105)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3106)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3105)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3197)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3197)
10:40 PM: Found Spy Cookie: pro-market cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2037)
10:40 PM: Found Spy Cookie: about cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3557)
10:40 PM: Found Spy Cookie: toplist cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2732)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2732)
10:40 PM: Found Spy Cookie: goclick cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3614)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3614)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3614)
10:40 PM: Found Spy Cookie: upspiral cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2613)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2221)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2221)
10:40 PM: Found Spy Cookie: angelfire cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2845)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2845)
10:40 PM: Found Spy Cookie: imrworldwide.com cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2088)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2088)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2088)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2336)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2336)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2336)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3098)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3098)
10:40 PM: Found Spy Cookie: onestat.com cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3399)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3399)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3400)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3400)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3399)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3399)
10:40 PM: Found Spy Cookie: specificclick.com cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3667)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3353)
10:40 PM: Found Spy Cookie: sexlist cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2255)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2314)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1953)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1953)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 1953)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2355)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2369)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2369)
10:40 PM: Found Spy Cookie: ccbill cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2493)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2493)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2493)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2493)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2493)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2494)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2494)
10:40 PM: Found Spy Cookie: danni cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2330)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2253)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2413)
10:40 PM: Found Spy Cookie: clickzs cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3115)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2903)
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 2903)
10:40 PM: Found Spy Cookie: kinghost cookie
10:40 PM: C:\Documents and Settings\Parents_2\Application Data\Mozilla\Firefox\Profiles\c0twrppk.default\cookies.txt (ID = 3589)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 3106)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 3105)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 3589)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2253)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2060)
10:40 PM: Found Spy Cookie: adbureau cookie
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\cpb08hh1.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2292)
10:40 PM: Found Spy Cookie: belnk cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3257)
10:40 PM: Found Spy Cookie: revenue.net cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3627)
10:40 PM: Found Spy Cookie: valuead cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2686)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2686)
10:40 PM: Found Spy Cookie: fortunecity cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6445)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2072)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2072)
10:40 PM: Found Spy Cookie: adknowledge cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3235)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3235)
10:40 PM: Found Spy Cookie: realmedia cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1953)
10:40 PM: Found Spy Cookie: 247realmedia cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2966)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2966)
10:40 PM: Found Spy Cookie: maxserving cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2719)
10:40 PM: Found Spy Cookie: gamespy cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3667)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2865)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2865)
10:40 PM: Found Spy Cookie: infospace cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3589)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3589)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3589)
10:40 PM: Found Spy Cookie: tribalfusion cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6444)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6445)
10:40 PM: Found Spy Cookie: tacoda cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3665)
10:40 PM: Found Spy Cookie: websponsors cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2064)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2063)
10:40 PM: Found Spy Cookie: adecn cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 6442)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2248)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2247)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2247)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2247)
10:40 PM: Found Spy Cookie: askmen cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3115)
10:40 PM: Found Spy Cookie: paycounter cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2089)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2088)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2089)
10:40 PM: Found Spy Cookie: adrevolver cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3763)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3762)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2535)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2535)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2535)
10:40 PM: Found Spy Cookie: domainsponsor cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3148)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2354)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2354)
10:40 PM: Found Spy Cookie: casalemedia cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2337)
10:40 PM: Found Spy Cookie: burstnet cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2335)
10:40 PM: Found Spy Cookie: burstbeacon cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3581)
10:40 PM: Found Spy Cookie: trafficmp cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3749)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3751)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3751)
10:40 PM: Found Spy Cookie: yieldmanager cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3335)
10:40 PM: Found Spy Cookie: servedby advertising cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2175)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2330)
10:40 PM: Found Spy Cookie: bs.serving-sys cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2020)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2019)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2019)
10:40 PM: Found Spy Cookie: 888 cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2314)
10:40 PM: Found Spy Cookie: bluestreak cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3111)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3111)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3111)
10:40 PM: Found Spy Cookie: partypoker cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2254)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3106)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3106)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3298)
10:40 PM: Found Spy Cookie: screensavers.com cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3288)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3288)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3288)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3288)
10:40 PM: Found Spy Cookie: sb01 cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2843)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2843)
10:40 PM: Found Spy Cookie: imlive.com cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2270)
10:40 PM: Found Spy Cookie: azjmp cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2650)
10:40 PM: Found Spy Cookie: falkag cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3105)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3105)
10:40 PM: Found Spy Cookie: overture cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2621)
10:40 PM: Found Spy Cookie: epilot cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2674)
10:40 PM: Found Spy Cookie: findwhat cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2614)
10:40 PM: Found Spy Cookie: enhance cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3447)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3447)
10:40 PM: Found Spy Cookie: statcounter cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3529)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3529)
10:40 PM: Found Spy Cookie: tickle cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3269)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3269)
10:40 PM: Found Spy Cookie: ru4 cookie
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2253)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3217)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 3343)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 2255)
10:40 PM: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\na7pi8wk.default\cookies.txt (ID = 1957)
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@serving-sys[2].txt (ID = 3343)
10:40 PM: Found Spy Cookie: serving-sys cookie
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@questionmarket[1].txt (ID = 3217)
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@mediaplex[1].txt (ID = 6442)
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@linksynergy[2].txt (ID = 2926)
10:40 PM: Found Spy Cookie: linksynergy cookie
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@atdmt[2].txt (ID = 2253)
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@ads.pointroll[2].txt (ID = 3148)
10:40 PM: Found Spy Cookie: pointroll cookie
10:40 PM: c:\documents and settings\parents_2\cookies\parents_2@2o7[1].txt (ID = 1957)
10:40 PM: Found Spy Cookie: 2o7.net cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@zedo[2].txt (ID = 3762)
10:40 PM: Found Spy Cookie: zedo cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@statse.webtrendslive[2].txt (ID = 3667)
10:40 PM: Found Spy Cookie: webtrendslive cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@questionmarket[1].txt (ID = 3217)
10:40 PM: Found Spy Cookie: questionmarket cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@mediaplex[1].txt (ID = 6442)
10:40 PM: Found Spy Cookie: mediaplex cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@atwola[1].txt (ID = 2255)
10:40 PM: Found Spy Cookie: atwola cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@atdmt[2].txt (ID = 2253)
10:40 PM: Found Spy Cookie: atlas dmt cookie
10:40 PM: c:\documents and settings\administrator\cookies\administrator@advertising[1].txt (ID = 2175)
10:40 PM: Found Spy Cookie: advertising cookie
10:40 PM: Starting Cookie Sweep
10:40 PM: Registry Sweep Complete, Elapsed Time:00:00:15
10:40 PM: Starting Registry Sweep
10:40 PM: Memory Sweep Complete, Elapsed Time: 00:02:45
10:37 PM: Starting Memory Sweep
10:37 PM: Warning: TFileCountEnum.ProcessPartition: TVolumeFAT.IC: invalid Boot Sector. Volume E:
10:37 PM: Start Full Sweep
10:37 PM: Sweep initiated using definitions version 981
Keylogger: Off
10:36 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities
E-mail Attachment: On
10:36 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
10:36 PM: Shield States
10:36 PM: License Check Status (0): Success
10:36 PM: Spyware Definitions: 981
10:35 PM: Spy Sweeper 5.5.7.48 started
10:35 PM: Spy Sweeper 5.5.7.48 started
10:35 PM: | Start of Session, Tuesday, September 04, 2007 |
***************

HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:43 PM, on 9/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Marvel\Puppies.exe
C:\WINDOWS\system32\MsiExec.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.java.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] "C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\RealMedia\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files\WhatPulse\WhatPulse.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 5778 bytes

#8 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:08:37 AM

Posted 04 September 2007 - 07:52 AM

However, that Windows Installer for "InstantShare" is still popping up when I log into my name.

Download the Windows Installer CleanUp Utility from the Microsoft Download Center:
http://download.microsoft.com/download/e/9...1bd/msicuu2.exe
Locate and run msicuu2.exe to install the Windows Installer CleanUp Utility.
Locate and launch the Windows Installer CleanUp Utility on the Start menu.
From the Windows Installer CleanUp Utility window,locate the application (InstantShare) if its present in the list ,then click the Remove button.
Once the application has been removed,click the Exit button to close the utility.

Restart your pc,let me know whats happening now.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users