Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware/trojans, Namely "your Virus Protection Status Is Bad"


  • Please log in to reply
8 replies to this topic

#1 absolutgreene

absolutgreene

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 09 December 2005 - 05:22 PM

Logfile of HijackThis v1.99.1
Scan saved at 5:18:20 PM, on 12/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec

Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec

Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common

Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ashley

Greene\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection

Wizard,ShellNext = http://www.dellnet.com/
R1 -

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyOverride = http://localhost
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {3CBFEA96-A38D-92AB-96C4-B9CC181044CC}

- C:\WINDOWS\system32\iepo32.dll
O2 - BHO: Class - {7BB18BD9-D478-E64C-3956-822906521F82}

- C:\WINDOWS\system32\sdkwp32.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar2.dll
O2 - BHO: Class - {DE0E656A-9C92-2131-BD69-4476F480E424}

- C:\WINDOWS\sysma.dll
O3 - Toolbar: &Google -

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar2.dll
O3 - Toolbar: &Radio -

{8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPEnh] C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry]

C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common

Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program

Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iphf.exe]

C:\WINDOWS\system32\iphf.exe
O4 - HKLM\..\Run: [wines.exe]

C:\WINDOWS\system32\wines.exe
O4 - HKLM\..\Run: [ntoj32.exe] C:\WINDOWS\ntoj32.exe
O4 - HKLM\..\Run: [ipbd.exe] C:\WINDOWS\ipbd.exe
O4 - HKLM\..\Run: [vptray]

C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program

Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe

-cnetwait.odl
O4 - Global Startup: Trend Micro Anti-Spyware.lnk =

C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search -

res://c:\program

files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -

res://c:\program

files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -

res://c:\program

files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\program

files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel

- res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LimeShop Preferences -

file://C:\Program

Files\LimeShop\System\Temp\limeshop_script0.htm
O8 - Extra context menu item: Similar Pages -

res://c:\program

files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into

English - res://c:\program

files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research -

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM -

{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program

Files\AIM95\aim.exe
O9 - Extra button: Real.com -

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mp3: C:\Program Files\Internet

Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED}

(Support.com Installer) -

http://supportsoft.adelphia.net/sdccommon/download/tgctl

ins.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}

(WUWebControl Class) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/

en/x86/client/wuweb_site.cab?1121024397036
O20 - Winlogon Notify: NavLogon -

C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner -

C:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner -

C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher

(DefWatch) - Symantec Corporation - C:\Program

Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark

International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program

Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service

(SNDSrvc) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation

- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) -

Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service

(WANMiniportService) - America Online, Inc. -

C:\WINDOWS\wanmpsvc.exe

BC AdBot (Login to Remove)

 


#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 09 December 2005 - 05:27 PM

Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
· Install ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido
· It will prompt you to update click the OK button and it will go to the main screen
· On the left side of the main screen click update
· Click on Start and let it update.
· DO NOT run a scan yet. You will do that later in safe mode.

Restart your computer into safe mode now. Perform the following steps in safe mode:
(Start tapping F8 at the first black screen after power up)

Run Ewido:
· Click on scanner
· Click Complete System Scan and the scan will begin.
· During the scan it will prompt you to clean files, click OK
· When the scan is finished, look at the bottom of the screen and click the Save report button.
· Save the report to your C: Drive
This will take some time to run!
Boot to normal mode
Post that log and a new HiJack log – If the Ewido log is too large attach it.

==========

When you do the next log - In notepad - go to FORMAT and check wordwrap before copying the log to here
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#3 absolutgreene

absolutgreene
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 09 December 2005 - 11:16 PM

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 11:02:20 PM, 12/9/2005
+ Report-Checksum: C77F9251

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{00AF6BF7-1C8A-2F68-11A6-3DD4FD5A3DED} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{029DB004-6BCD-0E73-3AEA-F205B565F0F8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{031788DE-6282-F9CD-262A-AA22CDA2B068} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{04EDA6A5-3C09-E146-8F75-5684DDB4E2A7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{06559367-A395-44B2-D6A0-0631D6323797} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{09248DC7-285D-A208-7675-8D1BAC7208C9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0ADEF183-C204-6BFB-2DA8-5C12061DE911} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12094FCA-1EE9-6EE5-5B4B-4B1EDA5F575C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1486290A-90C1-388F-ADC8-6BFAA6B057E8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1674BCBE-46DE-7BAB-FBFA-CA15D9FEB632} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1714A690-3BE3-3C63-D05D-B9E2E19A88A3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18BDB348-E8B0-D5A4-55F2-74FD4CB49A69} -> Spyware.CoolWebSearch : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.272:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.362:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.363:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.478:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.498:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.554:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.558:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.559:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.568:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.599:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.610:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.611:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.612:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.614:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.615:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.616:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.617:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.618:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.619:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.649:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.663:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.720:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.721:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.735:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.71i : Cleaned with backup
:mozilla.736:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.747:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.754:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.787:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.788:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.789:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.790:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitslink : Cleaned with backup
:mozilla.799:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.815:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.827:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.834:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.835:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.836:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.849:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.857:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.869:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.911:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.920:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.924:C:\Documents and Settings\Ashley Greene\Application Data\Mozilla\Firefox\Profiles\cyf2ccfn.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Ashley Greene\Local Settings\Temp\game_install.exe -> Spyware.PurityScan.p : Cleaned with backup
C:\ntdetect.hta -> Dropper.Inor.cj : Cleaned with backup
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Sync.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Uninst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Sync.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Uninst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Save.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/SaveUninst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Save.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/SaveUninst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Weather.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Uninst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Weather.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\GDivX Zenith Player\SaveInstWS.exe/Uninst.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP50\A0028820.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP50\A0028830.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP50\A0028851.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP51\A0028866.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP52\A0028899.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP52\A0028899.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP52\A0028912.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP52\A0028912.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP52\A0028931.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP53\A0028946.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP53\A0029930.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP53\A0029954.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP53\A0029971.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP53\A0029986.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP54\A0030004.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP54\A0030008.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP55\A0030031.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP55\A0030046.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP55\A0030059.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP56\A0030076.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP56\A0030088.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP56\A0030107.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP57\A0030121.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP57\A0030139.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP57\A0030152.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP57\A0030180.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP58\A0030194.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP58\A0030200.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP58\A0030219.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP58\A0030231.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0030246.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0031235.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0031251.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP59\A0031271.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP60\A0031282.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP60\A0031303.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP61\A0031313.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP61\A0031322.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP62\A0031335.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP62\A0031352.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP62\A0031379.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP63\A0031389.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP64\A0031673.INI:dkagj -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP64\A0031696.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP65\A0031829.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP65\A0031842.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP65\A0031865.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP65\A0032865.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP65\A0032881.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032897.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032930.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032930.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032944.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032944.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032989.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0032989.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033004.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033004.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033022.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033022.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033039.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP66\A0033039.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033051.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033051.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033063.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033063.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033080.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP67\A0033080.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP68\A0033099.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP68\A0033099.PIF:flbhp -> Downloader.Agent.bc : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP68\A0033123.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP69\A0033135.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP69\A0033153.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP69\A0033172.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0033198.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0033225.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0033243.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0034243.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0035243.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0035262.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0036262.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0037262.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP70\A0038261.PIF:agmpm -> Downloader.Agent.bq : Cleaned with backup
C:\System Volume Information\_restore{B37680

#4 absolutgreene

absolutgreene
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 09 December 2005 - 11:19 PM

Logfile of HijackThis v1.99.1
Scan saved at 11:02:55 PM, on 12/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Ashley Greene\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {3CBFEA96-A38D-92AB-96C4-B9CC181044CC} - C:\WINDOWS\system32\iepo32.dll
O2 - BHO: Class - {7BB18BD9-D478-E64C-3956-822906521F82} - C:\WINDOWS\system32\sdkwp32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Class - {DE0E656A-9C92-2131-BD69-4476F480E424} - C:\WINDOWS\sysma.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iphf.exe] C:\WINDOWS\system32\iphf.exe
O4 - HKLM\..\Run: [wines.exe] C:\WINDOWS\system32\wines.exe
O4 - HKLM\..\Run: [ntoj32.exe] C:\WINDOWS\ntoj32.exe
O4 - HKLM\..\Run: [ipbd.exe] C:\WINDOWS\ipbd.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121024397036
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#5 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 December 2005 - 11:37 AM

Please post the next log from normal – not safe mode

Click on start, then control panel, and then double-click on add/remove programs. From within add/remove program uninstall the following if they exist by double-clicking on the following entries:

LimeShop or LimeWire – P2P programs are sources for infection

CWShredder
DL http://www.spywareinfo.com/~merijn/files/cwshredder.zip
Close all browser windows,UnZip the file, click on the cwshredder.exe then click "Fix"


Fix these with HJT – mark them, close IE, click fix checked

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost

R3 - Default URLSearchHook is missing

O2 - BHO: Class - {3CBFEA96-A38D-92AB-96C4-B9CC181044CC} - C:\WINDOWS\system32\iepo32.dll

O2 - BHO: Class - {7BB18BD9-D478-E64C-3956-822906521F82} - C:\WINDOWS\system32\sdkwp32.dll

O2 - BHO: Class - {DE0E656A-9C92-2131-BD69-4476F480E424} - C:\WINDOWS\sysma.dll

O4 - HKLM\..\Run: [iphf.exe] C:\WINDOWS\system32\iphf.exe

O4 - HKLM\..\Run: [wines.exe] C:\WINDOWS\system32\wines.exe

O4 - HKLM\..\Run: [ntoj32.exe] C:\WINDOWS\ntoj32.exe

O4 - HKLM\..\Run: [ipbd.exe] C:\WINDOWS\ipbd.exe

O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm

DL http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

C:\WINDOWS\system32\iepo32.dll
C:\WINDOWS\system32\sdkwp32.dll
C:\WINDOWS\sysma.dll
C:\WINDOWS\system32\iphf.exe
C:\WINDOWS\system32\wines.exe
C:\WINDOWS\ntoj32.exe
C:\WINDOWS\ipbd.exe

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

Now paste these folders in and then make sure Deltree is checked before hitting the red x

C:\Program Files\LimeShop

START – RUN – type in %temp% OK - Edit – Select all – File – Delete
Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp
Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#6 absolutgreene

absolutgreene
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 December 2005 - 03:19 PM

Logfile of HijackThis v1.99.1
Scan saved at 3:08:47 PM, on 12/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec

Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec

Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common

Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Ashley

Greene\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection

Wizard,ShellNext = http://www.dellnet.com/
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar2.dll
O3 - Toolbar: &Google -

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar2.dll
O3 - Toolbar: &Radio -

{8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPEnh] C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry]

C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common

Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program

Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [vptray]

C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program

Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe

-cnetwait.odl
O4 - Global Startup: Trend Micro Anti-Spyware.lnk =

C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search -

res://c:\program

files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -

res://c:\program

files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -

res://c:\program

files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\program

files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel

- res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -

res://c:\program

files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into

English - res://c:\program

files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research -

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM -

{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program

Files\AIM95\aim.exe
O9 - Extra button: Real.com -

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -

C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mp3: C:\Program Files\Internet

Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED}

(Support.com Installer) -

http://supportsoft.adelphia.net/sdccommon/download/tgctl

ins.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}

(WUWebControl Class) -

http://update.microsoft.com/windowsupdate/v6/V5Controls/

en/x86/client/wuweb_site.cab?1121024397036
O20 - Winlogon Notify: NavLogon -

C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner -

C:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner -

C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) -

Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher

(DefWatch) - Symantec Corporation - C:\Program

Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido

networks - C:\Program Files\ewido\security

suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark

International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program

Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service

(SNDSrvc) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation

- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) -

Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service

(WANMiniportService) - America Online, Inc. -

C:\WINDOWS\wanmpsvc.exe






i deleted all of the HJT files, but the killbox program said that it couldn't find any of the files, but i did delete the limeshop folder. i wasn't sure what deltree was? when i turn on my computer it says:
anti-spyware:
and unexpected problem was encountered
error #: 0x80004003

also, this may be unrelated but when i turn on my PC it says:
client mac addr: bunch of numbers
guid: bunch of numbers
then, DHCP:
and the only key it will let me press is esc
i'm not sure if that has anything to do with spyware or anything because a dell tech guy just installed a new mother board on my computer

thanks

#7 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 December 2005 - 03:25 PM

Please repost - in notepad go to Format and check word wrap

First do this

download http://www.mvps.org/winhelp2002/DelDomains.inf

Right click the DelDomains.inf file and click Install, making sure Internet Explorer is closed. You won't see anything happen. Give it a minute.

Note, if you use SpywareBlaster and/or IE/Spyads, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE/Spyads, run the batch file and reinstall the protection.

Boot and then post the new log

Also add those bottom comments again
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#8 absolutgreene

absolutgreene
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 December 2005 - 04:21 PM

Logfile of HijackThis v1.99.1
Scan saved at 4:15:36 PM, on 12/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Documents and Settings\Ashley Greene\Desktop\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121024397036
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe




i deleted all of the HJT files, but the killbox program said that it couldn't find any of the files, but i did delete the limeshop folder. i wasn't sure what deltree was? when i turn on my computer it says:
anti-spyware:
and unexpected problem was encountered
error #: 0x80004003

also, this may be unrelated but when i turn on my PC it says:
client mac addr: bunch of numbers
guid: bunch of numbers
then, DHCP:
and the only key it will let me press is esc
i'm not sure if that has anything to do with spyware or anything because a dell tech guy just installed a new mother board on my computer

thanks

#9 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 December 2005 - 05:13 PM

The second part is prolly the Bios set to boot in the wrong order

Hit F2 at the very begining of power up and change the boot sequence is CD - Hard Diks - Network last


The other is releated to this

O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe

Did you un-install Trend - If so Disable this entry in msconfig or

Look in C:\Documents and Settings\All Users\Start Menu for that entry and del it

Log looks good
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users