Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT log


  • Please log in to reply
3 replies to this topic

#1 toebar

toebar

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 04 September 2005 - 09:41 AM

Hi,

Help! I 've got a problem with SIXA, Trojan.Stwoyle, and probably a few other things..

Any help is much appreciated. Thanks!
mark.........

Logfile of HijackThis v1.99.1
Scan saved at 11:32:39 AM, on 2005-09-04
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Time Sync\time.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\snmp.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Time Sync] C:\Program Files\Time Sync\time.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lizardtech.com/download/files/w...tall/isetup.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/12119/CTPID.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:08 AM

Posted 07 September 2005 - 08:33 AM

Download http://www.bleepingcomputer.com/files/winpfind.php

Extract WinPFind.zip to your c:\ folder.

Reboot your computer into Safe Mode

Then open c:\WinPFind and double-click on WinPFind.exe. When the program is open, click on the Start Scan button to scart scanning your computer. Be patient as this scan may take a while. When it is done, it will show a log and tell you the scan is completed. Reboot your computer back to normal mode and and post the contents of c:\WinPFind\WinPFind.txt as a reply to this topic.

#3 toebar

toebar
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:08 AM

Posted 07 September 2005 - 07:58 PM

Hi, and thanks for the response :thumbsup:

In the meantime I installed and ran the ewido suite scan in safe mode (log at bottom). Then I got your response and installed and ran winpfind in safe mode (log below).

Cheers,
Mark

Windows OS and Versions
Product Name: Microsoft Windows XP Current Build: Service Pack 1 Current Build Number: 2600
Internet Explorer Version: 6.0.2800.1106

Checking Selected Standard Folders

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Items found in C:\WINDOWS\hosts

PECompact2 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\lpt$vpn.811
qoologic 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\lpt$vpn.811
SAHAgent 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\lpt$vpn.811
UPX! 2005-05-03 11:44:44 AM 25157 C:\WINDOWS\RMAgentOutput.dll
UPX! 2005-04-29 1:57:16 AM 170053 C:\WINDOWS\tsc.exe
PECompact2 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\VPTNFILE.811
qoologic 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\VPTNFILE.811
SAHAgent 2005-08-30 7:59:46 PM 15711729 C:\WINDOWS\VPTNFILE.811
UPX! 2005-04-29 1:58:30 AM 1044560 C:\WINDOWS\vsapi32.dll
aspack 2005-04-29 1:58:30 AM 1044560 C:\WINDOWS\vsapi32.dll

Checking %System% folder...
PEC2 2001-08-23 9:00:00 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
FSG! 2005-04-22 9:14:04 AM 398742 C:\WINDOWS\SYSTEM32\Nrqqtuk1.xml
Umonitor 2002-08-29 7:41:10 AM 631808 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 2001-08-23 9:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts
127.0.0.1 www.qoologic.com
127.0.0.1 www.urllogic.com


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
2005-09-07 9:30:06 PM S 2048 C:\WINDOWS\bootstat.dat
2005-08-24 10:33:22 AM H 54156 C:\WINDOWS\QTFont.qfn
2005-09-05 2:53:08 PM H 0 C:\WINDOWS\LastGood\INF\oem10.inf
2005-09-05 2:53:08 PM H 0 C:\WINDOWS\LastGood\INF\oem10.PNF
2005-09-05 11:07:08 PM H 0 C:\WINDOWS\LastGood\INF\oem18.inf
2005-09-05 11:07:08 PM H 0 C:\WINDOWS\LastGood\INF\oem18.PNF
2005-09-01 2:12:50 AM H 0 C:\WINDOWS\LastGood.Tmp\INF\oem22.inf
2005-09-01 2:12:50 AM H 0 C:\WINDOWS\LastGood.Tmp\INF\oem22.PNF
2005-09-01 2:52:04 AM H 0 C:\WINDOWS\LastGood.Tmp\INF\oem23.inf
2005-09-01 2:52:04 AM H 0 C:\WINDOWS\LastGood.Tmp\INF\oem23.PNF
2005-08-11 9:13:42 PM H 517 C:\WINDOWS\system32\ws869209.ocx
2005-08-12 5:31:24 PM S 75078 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.CAT
2005-09-07 9:29:54 PM H 8192 C:\WINDOWS\system32\config\default.LOG
2005-08-12 10:58:14 AM H 0 C:\WINDOWS\system32\config\DEFAULT.rrr.LOG
2005-09-07 9:30:22 PM H 1024 C:\WINDOWS\system32\config\SAM.LOG
2005-08-12 10:58:14 AM H 0 C:\WINDOWS\system32\config\SAM.rrr.LOG
2005-09-07 9:30:08 PM H 16384 C:\WINDOWS\system32\config\SECURITY.LOG
2005-09-07 9:31:26 PM H 61440 C:\WINDOWS\system32\config\software.LOG
2005-08-12 10:58:14 AM H 0 C:\WINDOWS\system32\config\SOFTWARE.rrr.LOG
2005-09-07 9:30:12 PM H 1040384 C:\WINDOWS\system32\config\system.LOG
2005-09-07 9:23:08 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
2005-09-07 9:23:08 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KLENS1IF\desktop.ini
2005-09-07 9:23:08 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KRQ9GT6D\desktop.ini
2005-09-07 9:23:08 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QN8RSF0J\desktop.ini
2005-09-07 9:23:08 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WF6561WN\desktop.ini
2005-08-22 10:32:08 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\7c2fbd6d-24d4-4cd6-abcb-7cbb93e7660a
2005-08-22 10:32:08 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
2005-08-12 5:31:24 PM S 75078 C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\CX_25203.CAT
2005-08-12 5:31:24 PM S 75078 C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\CX_25203.CAT
2005-09-07 9:28:46 PM H 6 C:\WINDOWS\Tasks\SA.DAT
2005-09-04 3:04:04 PM HS 113 C:\WINDOWS\Temp\History\History.IE5\desktop.ini
2005-09-04 3:04:04 PM HS 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini
2005-09-04 3:04:04 PM HS 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\1BWN252J\desktop.ini
2005-09-04 3:04:04 PM HS 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\BSQSNCYS\desktop.ini
2005-09-04 3:04:04 PM HS 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\L7WAEJ0Y\desktop.ini
2005-09-04 3:04:04 PM HS 67 C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\U1D73GPY\desktop.ini

Checking for CPL files...
Microsoft Corporation 2001-08-23 9:00:00 AM 66048 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 2003-05-30 5:17:20 PM 579584 C:\WINDOWS\SYSTEM32\appwiz.cpl
Creative Technology Ltd. 2001-05-28 2:47:00 PM 32768 C:\WINDOWS\SYSTEM32\AudioHQU.cpl
1999-11-12 12:11:00 AM 183808 C:\WINDOWS\SYSTEM32\bdeadmin.cpl
Microsoft Corporation 2002-08-29 7:41:28 AM 129024 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 150016 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 2002-08-29 7:41:28 AM 292352 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 2002-08-29 7:41:28 AM 121856 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 2002-08-29 7:41:28 AM 65536 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc. 2005-06-03 3:52:54 AM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 559616 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 256000 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 36864 C:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 36864 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 109056 C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc. 2003-12-14 10:20:50 AM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
SiSoftware 2005-06-29 6:00:10 PM 53248 C:\WINDOWS\SYSTEM32\SanCpl.cpl
Microsoft Corporation 2002-08-29 7:41:28 AM 268288 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 90112 C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 2005-05-26 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 66048 C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 150016 C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation 2002-08-29 4:41:00 AM 208896 C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 187904 C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 559616 C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 256000 C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 36864 C:\WINDOWS\SYSTEM32\dllcache\nwc.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 36864 C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 109056 C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation 2001-08-23 9:00:00 AM 90112 C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl

Checking Selected Startup Folders

Checking files in %ALLUSERSPROFILE%\Startup folder...
2003-04-08 6:07:22 PM 1918 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
2005-09-07 7:01:20 AM 1851 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
2004-03-29 8:55:38 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini

Checking files in %ALLUSERSPROFILE%\Application Data folder...
2004-03-29 4:32:10 PM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
2004-03-29 8:55:38 PM HS 84 C:\Documents and Settings\The Master\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
2004-03-29 4:32:10 PM HS 62 C:\Documents and Settings\The Master\Application Data\desktop.ini
2005-04-23 8:06:20 AM 58648 C:\Documents and Settings\The Master\Application Data\GDIPFONTCACHEV1.DAT
2004-05-05 8:24:02 AM 12358 C:\Documents and Settings\The Master\Application Data\PFP100JCM.{PB
2004-05-05 8:24:02 AM 61678 C:\Documents and Settings\The Master\Application Data\PFP100JPR.{PB

Checking Selected Registry Keys

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
SV1 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WhoLockMe
{81ED7E40-2DE4-47ae-91CA-C3E8E8E98E22} = C:\Program Files\wholockme\WhoLockMe.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WhoLockMe
{81ED7E40-2DE4-47ae-91CA-C3E8E8E98E22} = C:\Program Files\wholockme\WhoLockMe.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = C:\Program Files\ewido\security suite\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\QuickFinderMenu
{C0E10002-0028-0003-C0E1-C0E1C0E1C0E1} = C:\Program Files\Corel\WordPerfect Office 2002\Programs\pfse100.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
CNavExtBho Class = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{182EC0BE-5110-49C8-A062-BEB1D02A220B}
Adobe PDF = C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar1.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
MenuText = Sun Java Console : C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}
MenuText = Uninstall BitDefender Online Scanner v8 :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : C:\Program Files\Messenger\MSMSGS.EXE

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
Media Band = %SystemRoot%\System32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
History Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
Explorer Band = %SystemRoot%\System32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
UpdReg C:\WINDOWS\UpdReg.EXE
TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
Time Sync C:\Program Files\Time Sync\time.exe
SunJavaUpdateSched C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
SSC_UserPrompt C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
NeroFilterCheck C:\WINDOWS\system32\NeroCheck.exe
Jet Detection "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
IntelliType "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
ASUS Probe C:\Program Files\ASUS\Probe\AsusProb.exe
ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Norton Ghost 9.0 C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
Symantec NetDriver Monitor C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
ATIPTA C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
IntelliPoint "C:\Program Files\Microsoft IntelliPoint\point32.exe"
WINDVDPatch CTHELPER.EXE
ATICCC "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed =
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Norton SystemWorks "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

NoDriveTypeAutoRun _

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent
= Ati2evxx.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs


Scan Complete
WinPFind v1.3.5 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 2005-09-07 9:40:11 PM



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:04:53 PM, 2005-09-07
+ Report-Checksum: 40FFF23D

+ Scan result:

:mozilla.8:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.9:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.10:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.11:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.12:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.13:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.30:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.31:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.32:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.48:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.51:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.52:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.53:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.54:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.55:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.63:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.64:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.66:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.67:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.68:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.72:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.75:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.76:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.77:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.83:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.84:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.85:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.86:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.89:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.90:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.92:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.93:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.94:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.95:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.96:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.97:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.98:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.103:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.108:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.109:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.112:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.114:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.129:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.143:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.144:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.146:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.149:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.160:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.161:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.162:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.163:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.164:C:\Documents and Settings\The Master\Application Data\Mozilla\Firefox\Profiles\eyg25sne.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\The Master\Desktop\uninstall6_76.exe -> Spyware.NewDotNet : Cleaned with backup
:mozilla.9:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.37:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.38:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.43:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.53:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.73:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.80:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.88:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.93:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.119:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.133:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Com : Cleaned with backup
-> : Error during cleaning
:mozilla.136:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.139:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.150:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.151:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.152:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.153:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.154:C:\RECYCLER\NPROTECT\00003408.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.13:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.17:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.18:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.37:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.38:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.41:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Tribalfusion : Cleaned with backup
-> : Error during cleaning
:mozilla.43:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.53:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.62:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
-> : Error during cleaning
:mozilla.67:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.73:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.79:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.80:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.82:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.88:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.93:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.98:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.104:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.119:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.133:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.134:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.136:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.139:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.150:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.151:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.152:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.153:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.154:C:\RECYCLER\NPROTECT\00003780.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.20:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.21:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.38:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.39:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.43:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.59:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.63:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.66:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.67:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.68:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.74:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.75:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.76:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.77:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.80:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.81:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.83:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.84:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.85:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.86:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.87:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.88:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.89:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.94:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.99:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.101:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.102:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.103:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.105:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.120:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.134:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.135:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.137:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.140:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.151:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.152:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.153:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.154:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.155:C:\RECYCLER\NPROTECT\00003781.MOZ -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.16:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.19:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.20:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.21:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.38:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.39:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.42:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.43:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.44:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.45:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.46:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.54:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\RECYCLER\NPROTECT\00003784.MOZ -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:08 AM

Posted 08 September 2005 - 04:12 PM

I dont see anything at all here. Did ewido find any files other than cookies?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users