Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zolob Downloader, Spyfalcon


  • This topic is locked This topic is locked
9 replies to this topic

#1 Xre

Xre

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 22 March 2006 - 05:05 PM

Because I am unable to remove the Zolob (AKA Zlob, I'm told) downloader, any efforts in removing Spyfalcon (and probably other things downloaded by Zolob) are futile. How can I completely remove Zolob?


Log:
----------------------
Logfile of HijackThis v1.99.1
Scan saved at 4:59:59 PM, on 3/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
E:\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "E:\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1142121626765
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O18 - Protocol: bw+0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

Edited by Xre, 22 March 2006 - 07:18 PM.


BC AdBot (Login to Remove)

 


m

#2 Xre

Xre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 22 March 2006 - 08:09 PM

msssearchnet.exe must go by many names? Zolob, Zlob, Puper...

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:07:49 PM

Posted 23 March 2006 - 08:44 AM

Hello,

It's better to print out the next instructions or save them in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.
It is also important you don't miss a step and perform everything in the right order!!

* Download smitRem and save the file to your desktop.
Doubleclick it and choose install. This will create a new folder on your desktop with the name smitrem.

* Please download ewido security suite; it is a free version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido by double-clicking on the icon on your desktop.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates
Don't run it yet.

* Download Spyfalconfix from here:
http://www.martijnc.be/tools/sffix.exe
Download it to your desktop.
Doubleclick sffix.exe
Click the 'install' button.
This will create a new folder on your desktop called sffix.
Open that folder and click: Run.bat
This tool needs internet connection so it can download an additional file to let the tool work properly.
If your firewall gives an alert, allow it instead of blocking it.
Let the tool perform its job.

* Reboot into Safe Mode`: ( without networking support !)
°To get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:

O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

* Clean your IE cookies and cache:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
* Now open Ewido Security Suite
Click on scanner

* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop

* Close Ewido

* Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab > uncheck and delete everything you find in there. (except for "My current home page")

* Reboot back into Windows.

* Run Spyfalconfix once again afterwards (sffix.exe)

* Perform an onlinescan with panda: (please use this scanner instead of any other scanner!)
Panda Online
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the Panda scan report in your next reply along with a new HijackThis Log, the contents of smitfiles.txt which is present on your Homedrive (C:\ in most cases)
and the Ewido Log by using Add Reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#4 Xre

Xre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 24 March 2006 - 03:55 PM

HijackThis:
------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:47:42 PM, on 3/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
E:\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
E:\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.net/
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [Windows Defender] "E:\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/C...22/ComCtl32.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1142121626765
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O18 - Protocol: bw+0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F224CCAB-8CA3-45E3-B461-4DFB611FE18C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)


Yeah...I went over the character limit, so I'll have to double/triple post. :thumbsup:

Edited by Xre, 24 March 2006 - 03:57 PM.


#5 Xre

Xre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 24 March 2006 - 03:58 PM

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 6:11:43 AM, 3/24/2006
+ Report-Checksum: 2B7DF3A8

+ Scan result:

HKU\S-1-5-21-1547161642-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Barbara\Application Data\Mozilla\Firefox\Profiles\ll23z3m6.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Kreig\Application Data\Mozilla\Firefox\Profiles\c3zh2231.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.453:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Ne : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.486:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.488:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.490:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.579:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.652:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.458:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.469:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.470:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Ne : Cleaned with backup
:mozilla.507:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.521:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned with backup
:mozilla.550:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.551:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup

Again with the character limits! Back to top'> Back to top

#6 Xre

Xre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 24 March 2006 - 04:04 PM

(ewido log continued)

:mozilla.552:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.568:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.619:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.630:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.631:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.632:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.633:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.687:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
:mozilla.706:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup


::Report End

-------------------------------------------------------------
Panda log (Which formats itself so well </sarcasm>)
-------------------------------------------------------------

Incident Status Location

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Kreig\Cookies\kreig@atwola[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\cookies.txt[]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\omp19v2n.default\Cache\0C4879FCd01[Process.exe]

--------
smitfiles
--------

smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: Thu 03/23/2006
The current time is: 20:42:53.10

Running from
C:\Documents and Settings\Owner\Desktop\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~

Security Toolbar


~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

1024 dir
msvol.tlb
ld****.tmp
ncompat.tlb
nvctrl.exe
hp***.tmp
logfiles


~~~ Icons in System32 ~~~

ts.ico
ot.ico


~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 852 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN! :thumbsup:

Phew! :flowers:

#7 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:07:49 PM

Posted 24 March 2006 - 04:08 PM

Good job. :thumbsup:

Well, this Ewido log was mainly so huge because it also scanned cookies in firefox and deleted the bad ones.

Anyway, what panda shows are only cookies as well, so it's a good idea to clear your cookies in Firefox and clear the cache in Firefox:

1. Click Tools and select Options.
2. Click the Privacy Icon.
3. Click Clear across from the Cache option.
4. Click Clear cookies
5. Click Ok.
6. Exit and relaunch the browser.

Your hijackthislog looks clean again and it looks like the other tools did a great job as well. :flowers:

How are things running now?
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#8 Xre

Xre
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:49 PM

Posted 24 March 2006 - 04:48 PM

Much faster! :thumbsup:

I clean out my Firefox cookies about once a week, but I decided not to do it this week because I don't want to lose my shopping cart on a online store. I'm building a new comp, and there are a good 20+ items in the cart. I could just save the cookie, but I haven't had enough time to search for it with all this crud going on.

I was suprised...McAfee's virus scanner was able to remove zolob/zlob/puper. I got rid of Norton and took advantage of a 1-year free trial of McAfee through Comcast.

McAfee > Norton AntiVirus (IMO)

(Edit: Typo)

Edited by Xre, 24 March 2006 - 04:49 PM.


#9 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:07:49 PM

Posted 24 March 2006 - 05:06 PM

Glad to hear everything is ok again. :thumbsup:

To keep this clean in the future, I would suggest the following things:

Install Spywareblaster
SpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

* Avoid illegal sites, because that's where most malware is present.
* Don't click on links inside popups.
* Don't click on links in spam messages claiming to offer anti-spyware software; because most of these so called removers ARE spyware.
* Download free software only from sites you know and trust. Because a lot of free software can bundle other software, including spyware.

Let your antispywarescanner(s) scan frequently and don't forget to update before.

And I do suggest you perform an online virusscan once in a while. (Housecall and/or Bitdefender). Because what one virusscanner can't find another one maybe can.
Also make sure that your virusscanner, the one that is installed on your system is always up to date!

Make sure your windows has the latest updates: http://windowsupdate.microsoft.com/

If you are having XP SP2, read here how to configure Security Features for Internet Explorer:
http://www.microsoft.com/technet/security/...xp/iesecxp.mspx

Also visit this Free Online Scanner for PC Health and Safety and Microsoft Security At Home for tips to Protect your Pc, Protect yourself and Protect your Family.

More info on how to prevent malware you can also find here (By Tony Klein)
and here: http://wiki.castlecops.com/Malware_Prevent...nt_Re-infection

If you want to fight back the Malware Writers that have made your life a misery, please take a look here and read what you can do against it.

Happy surfing again! :flowers:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#10 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:07:49 PM

Posted 26 March 2006 - 05:28 AM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users