Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Some Pretty Bad Malware


  • This topic is locked This topic is locked
10 replies to this topic

#1 Xenoghost

Xenoghost

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 23 October 2007 - 11:32 AM

I was Browsing the forums on DGEMU.com and it popped up and installed itself
i used smitfraudfix and that got rid of BS 2.0 and some other stuff but my system is still performing sluggishly
and im getting a lot of ad pop ups. Also csrss.exe starts up using 100% Cpu and keeps restarting itself once terminated
my specs are as follows
K7MNF-64 motherboard
nForce 2 chipset
512mb DDR ram 64shared on Vidcard
AMD Sempron 3000+ CPU 2.0Ghz
nvidia integrated Geforce 4 MX Gpu

here is log.... any help would be greatly appreciated

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:54 AM, on 10/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\tsitra27.exe
C:\WINDOWS\plite731.exe
C:\WINDOWS\system32\mstaskmgr.exe
C:\Program Files\Internet Explorer\winload.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Web Buying\v1.8.5\webbuying.exe
C:\PROGRA~1\SMANTE~1\regsvr32.exe
C:\Documents and Settings\Owner\My Documents\s?stem32\c?rss.exe
C:\Program Files\WinAble\winable.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Rabio\X_se.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\AIM6\aolsoftware.exe
c:\program files\aim6\anotify.exe
C:\Program Files\HiJackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - c:\program files\peoplepc\toolbar\PPCToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [winshow] "C:\WINDOWS\winshow.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\tsitra27.exe 61A847B5BBF72810358B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - HKLM\..\Run: [plite731] C:\WINDOWS\plite731.exe
O4 - HKLM\..\Run: [SystemSv12] C:\WINDOWS\system32\newmaxxsv234.exe
O4 - HKLM\..\Run: [mstaskmgr.exe] C:\WINDOWS\system32\mstaskmgr.exe
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKLM\..\Run: [winload] C:\Program Files\Internet Explorer\winload.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.8.5\webbuying.exe
O4 - HKCU\..\Run: [ArtChk] C:\WINDOWS\system32\artchker.exe
O4 - HKCU\..\Run: [Cpue] "C:\PROGRA~1\SMANTE~1\regsvr32.exe" -vt yazb
O4 - HKCU\..\Run: [Jgrgnoab] "C:\Documents and Settings\Owner\My Documents\s?stem32\c?rss.exe"
O4 - HKCU\..\Run: [ISMPack6] "C:\Program Files\ISM2\ISMPack6.exe"
O4 - HKCU\..\Run: [ISMPack7] "C:\Program Files\ISM2\ISMPack7.exe"
O4 - HKCU\..\Run: [Service Pack 1] C:\WINDOWS\system32\vedxg6ame4.exe
O4 - HKCU\..\Run: [noskrnl] C:\WINDOWS\noskrnl.exe
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Startup: Rabio - Auto Update.lnk = C:\Program Files\Rabio\se.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1139685692406
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1147996629437
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll

--
End of file - 5330 bytes

BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 23 October 2007 - 01:56 PM

Hello Xenoghost,

Welcome to Bleeping Computer :blink:

This is a terrible mess. :thumbsup: Add to that you don't have an AntiVirus, no kind of protection software, and there are more bad entries than good in that log. The safest and surest course for you here would be to reformat and reinstall your OS. At this point, even if we tried to clean it I could not promise a safe and undamaged computer.

Regards,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 Xenoghost

Xenoghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 24 October 2007 - 07:38 AM

Well i appreciate your honesty of ill news ...i guess... Ok it seems that i will feformat and pop my xp cd in and reinstall but i have other computers on my network and was just wondering if maybe they couldve been infected as well? i have an older HP computer and wondering if maybe you could go over this log to see if maybe i just need to wipe the 1 or all computers on my network? again help would be appreciated

this ones kinda old
chipset intel i810
Intel Celeron 1Ghz Cpu
512mb pc133 SDRAM
Nvidia GeForce FX 5500 PCI

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:29:55 AM, on 10/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE
C:\WINDOWS\system32\svehost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HiJackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [Auto EPSON Stylus CX4800 Series on CRACKWHORES] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P46 "Auto EPSON Stylus CX4800 Series on CRACKWHORES" /O22 "\\CRACKWHORES\Printer3" /M "Stylus CX4800"
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?23792e5c058b47248dd6735fc3803a4c
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?23792e5c058b47248dd6735fc3803a4c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6158 bytes

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 24 October 2007 - 12:08 PM

Well this one isn't quite as bad, but it's been compromised as far as passwords and sensitive info goes. If you want to clean this one, then get a proper AV on it and we'll do it. AVG, Avira OR Avast are good FREE antivirus.

Let me know what you want to do. :thumbsup:

Regards,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 Xenoghost

Xenoghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 24 October 2007 - 01:17 PM

Ok yes i want to clean this one out cause i dont really want to do a reformat on this one too ive chosen the avira antivirus program for my AV. The Main reason i didnt have and antivirus on before is because i don't like the resource drain they put on your computer. But im guessing that the spyware adware etc already on there is just as bad a drain. so ill compromise and use an AV. another question is there any perticular reason why i cannot access shared files on this computer from any other? The Shared folders for all other computers show up in The Internet section of MNP and i can access them but no other computer can access this ones shared folder. I am Assuming its a registry corruption but your the expert here not me thank you for all the help i look forward to your reply

#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 24 October 2007 - 02:42 PM

Hello,

You don't want to share files right now anyway. Not with the machines being infected. In fact, if you can get online with this one independently, then you really should disconnect from the network until they're all either cleaned or reformatted.

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log
Let me know how it's running also, please. :thumbsup:

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 Xenoghost

Xenoghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 28 October 2007 - 11:59 AM

Ok Sorry Im Back i had to go on and important trip to see my grandparents in New York My little nephew was messing around on my computers while i was away too.....
ok here's log for SDFix


SDFix: Version 1.112

Run by Joshua England on Sun 10/28/2007 at 11:34 AM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\game.dat"="C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\game.dat:*:Enabled:The Battle for Middle-earth ™"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Program Files\\Starcraft\\StarCraft.exe"="C:\\Program Files\\Starcraft\\StarCraft.exe:*:Enabled:Starcraft"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Age of Wonders Shadow Magic\\AoWSM.exe"="C:\\Program Files\\Age of Wonders Shadow Magic\\AoWSM.exe:*:Enabled:Age of Wonders: Shadow Magic"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Steam\\steamapps\\typhoonexhale\\half-life\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\typhoonexhale\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"="C:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat:*:Enabled:game"
"C:\\Program Files\\GeoWhere Lite\\GeoWhere.2.74.lite.exe"="C:\\Program Files\\GeoWhere Lite\\GeoWhere.2.74.lite.exe:*:Enabled:GeoWhere.2.74.lite"
"C:\\Program Files\\Steam\\steamapps\\typhoonexhale\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\typhoonexhale\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\patchget.dat"="C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\patchget.dat:*:Enabled:patchgrabber"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\\Documents and Settings\\Joshua England\\My Documents\\Downloads\\The.All.Seeing.Eye.v2.6.0.WinALL.Cracked-EMPORiO\\ase260-emp\\eye.exe"="C:\\Documents and Settings\\Joshua England\\My Documents\\Downloads\\The.All.Seeing.Eye.v2.6.0.WinALL.Cracked-EMPORiO\\ase260-emp\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"="C:\\Program Files\\The All-Seeing Eye\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"="C:\\Program Files\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\\Program Files\\World of Warcraft\\Launcher.exe"="C:\\Program Files\\World of Warcraft\\Launcher.exe:*:Enabled:World of Warcraft"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

Remaining Files:
---------------


Files with Hidden Attributes:

Fri 22 Jun 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 2 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Common Files\Motorola Shared\MotPCSDrivers\difxapi.dll"

Finished!



and heres HJT logLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:41 AM, on 10/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wpabaln.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HiJackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [Auto EPSON Stylus CX4800 Series on CRACKWHORES] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P46 "Auto EPSON Stylus CX4800 Series on CRACKWHORES" /O22 "\\CRACKWHORES\Printer3" /M "Stylus CX4800"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?23792e5c058b47248dd6735fc3803a4c
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?23792e5c058b47248dd6735fc3803a4c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6719 bytes


When i got back my computer said window genuine software this copy of windows needs to be reactivated in 3 days due to a significant hardware changed but i have checked and asked my nephew if he had changed any of the hardware and he said no. So there hasnt been any significant hardware change why is it asking me to reactivate windows? is it malware? Ty for all the previous help.

PS:did you want me to post a HJT for the computer i reformatted? I Put avira on all my computers and did scans with it

#8 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 29 October 2007 - 11:27 AM

Hello,

Please print these instructions or copy them to Notepad (or another word processor), and save it for easier reference. This is because we will be in Safe Mode during the fix and you won’t be able to access the Internet to view these instructions.

Please download AVG Anti-Spyware Free Edition and save that file to your desktop.

This is a 30-day trial of the program -- This means that after 30 days the "background guard" protection will be de-activated. However, this version can continue to be manually updated and used as an on-demand scanner forever.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the setup program.
  • Once the setup is complete you will need to run AVG Anti-Spyware and update the definition files.
  • On the top of the main screen select the "Update" icon, then under the "Manual update" section click the "Start update" button.
  • The update will start and a progress bar will show the updates being installed.
  • Once the update has completed (the progress bar will display "Update successful!") select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the "Settings" screen:
    • Click on "Recommended actions" -> select "Quarantine".
    • Under "Reports:" -> select "Do not automatically generate reports".
  • Close AVG Anti-Spyware. Please do NOT run a scan yet!
Next, please reboot your computer into Safe Mode by doing the following:
  • Reboot your computer.
  • After hearing your computer beep once during startup, but just before the Windows icon appears, begin tapping the F8 key on your keyboard. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, reboot the computer and try again.
  • Instead of Windows loading as normal, a menu should appear.
  • Using the arrow keys on the keyboard, scroll to and select the "Safe Mode" menu item, and then press "Enter".
Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [Auto EPSON Stylus CX4800 Series on CRACKWHORES] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P46 "Auto EPSON Stylus CX4800 Series on CRACKWHORES" /O22 "\\CRACKWHORES\Printer3" /M "Stylus CX4800"


Close all browsers and other windows except for HijackThis!, and click "Fix checked".

Then please run a scan with AVG Anti-Spyware:

IMPORTANT: Do NOT open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning process.
  • Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab. Click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
  • Once the scan is complete do the following:
    • If you have any infections you will prompted, then select the "Apply all actions" button, AVG Anti-Spyware will then display "All actions have been applied" on the right hand side.
    • Next select the "Save Report" button at the bottom.
    • Then select the "Save report as" button in the lower left hand corner of the screen and save it as a text file on your system (make sure to remember where you saved that file, this is important!).
  • Close AVG Anti-Spyware and reboot your system normally into Windows. Please post the contents of the AVG Anti-Spyware report in your next reply, along with a new HijackThis log.
How is it running now? I'll take a look at the other computer after we get done with this one, okay? :thumbsup:

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#9 Xenoghost

Xenoghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 30 October 2007 - 02:42 AM

ok heres report....

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 2:29:46 AM 10/30/2007

+ Scan result:



:mozilla.11:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.292:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.293:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.294:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.295:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.296:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.353:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.359:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.420:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@gateway.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@microsoftwlsearchcrm.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.181:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.189:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.190:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.191:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@3.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@3.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adbrite[3].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.36:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.148:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.152:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.153:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.155:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.156:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.64:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.91:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.92:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.93:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.94:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.95:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.208:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.212:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.37:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.251:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.270:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.271:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.10:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.11:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.12:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.13:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.14:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.15:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.16:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.17:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.18:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.19:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.20:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.27:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.6:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.32:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.47:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.216:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.217:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.218:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.219:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.220:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.221:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@adopt.euroclick[3].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.180:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.182:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.183:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.184:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.185:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.186:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.187:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.188:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.422:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.461:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.462:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.486:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ehg-localtoolbox.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ehg-tigerdirect2.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.213:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.214:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.63:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.254:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.255:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.256:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.257:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.258:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.259:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.260:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.261:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.262:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.52:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.53:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.54:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.55:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.57:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.58:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.59:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ads.pointroll[3].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.96:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.98:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.68:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.69:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.70:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.71:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.72:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.73:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.74:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.75:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.76:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.77:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@realmedia[3].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.233:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.235:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.236:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.237:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.238:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.239:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.240:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.241:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.242:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.243:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.47:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.48:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.49:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.50:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.51:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.374:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.375:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.376:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.377:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.378:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.379:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.75:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.77:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.78:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.79:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.81:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.82:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@spylog[2].txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.404:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.405:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.406:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.287:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.289:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.290:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@anat.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.582:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.583:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.30:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.32:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.33:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.34:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.37:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.38:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.39:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.40:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.41:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.42:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.43:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.44:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.209:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.26:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.263:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.264:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.265:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.266:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.267:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.268:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.96:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.550:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.139:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.140:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.141:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.142:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.143:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.144:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.145:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.146:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.24:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.25:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.27:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.28:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.29:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.30:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.31:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\d1yl4lip.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.198:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.202:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.203:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.204:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.205:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.206:C:\Documents and Settings\Joshua England\Application Data\Mozilla\Firefox\Profiles\rnrzj0n8.Default User\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Joshua England\Cookies\joshua_england@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.


::Report end

and heres hjtLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:39:29 AM, on 10/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\HiJackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?23792e5c058b47248dd6735fc3803a4c
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?23792e5c058b47248dd6735fc3803a4c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6198 bytes


Its still asking me to reactivate windows i only have 1 day left to do so. Should i really put my product key in?

#10 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 30 October 2007 - 10:00 AM

Hello,

Rather than act on what you see on your screen, I would go directly to the Microsoft site and see if it still needs to be done.

Your log looks clean now, so go and do that and let me know how you come out. If there are still problems we'll head off in a different direction and figure it out. :thumbsup:

Regards,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#11 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:12:43 PM

Posted 11 November 2007 - 11:36 AM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users