Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack Log Lots Of Popups


  • This topic is locked This topic is locked
6 replies to this topic

#1 ambuyea

ambuyea

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 15 April 2006 - 08:22 PM

so i ran adaware and etc and they found lots of stuff. but i still have popups...


log


Logfile of HijackThis v1.99.1
Scan saved at 9:17:13 PM, on 4/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\QWltZWUgQnV5ZWE\command.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UB-VPN\cvpnd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\msput.exe
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\windows\mousepad9.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://education.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\wyffd.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,htlinhw.exe
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard9.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\SYSTEM32\mwinrrag.exe CORN001
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname9.exe
O4 - HKLM\..\Run: [w003db4e.dll] RUNDLL32.EXE w003db4e.dll,I2 0001079e0003db4e
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Startup: Zeno.lnk = C:\WINDOWS\SYSTEM32\mwinrrag.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: University at Buffalo VPN Client.lnk = C:\Program Files\UB-VPN\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pl: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} - http://www.autodesk.com/global/expressview...ViewerSetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6C191AC-C2AA-44A6-8EC9-F556AE203D6E}: NameServer = 128.205.1.2 128.205.106.1
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\h4l2le3o1h.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QWltZWUgQnV5ZWE\command.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UB-VPN\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Microsoft Startup Manager. (Microsoft Startup Manager) - Unknown owner - C:\WINDOWS\msput.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

BC AdBot (Login to Remove)

 


#2 Rawe

Rawe

  • Members
  • 2,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:53 PM

Posted 16 April 2006 - 04:53 AM

Hello and welcome.. Lets get started. :thumbsup:

==

Please download Look2Me-Destroyer to your desktop.

Disconnect your PC from Internet; pull your plug out if necessary.
  • Double-click Look2Me-Destroyer.exe to run it.
  • Put a check next to Run this program as a task.
  • You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 1 minute. Click OK
  • When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
  • Once it's done scanning, click the Remove L2M button.
  • You will receive a Done Scanning message, click OK.
  • When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
  • Your computer will then shutdown.
  • Turn your computer back on.
  • Re-connect back to the internet.
  • Please post the contents of C:\Look2Me-Destroyer.txt and a fresh HiJackThis log. :flowers:
If Look2Me-Destroyer does not reopen automatically, reboot and try again.
Hi there, stranger!

#3 ambuyea

ambuyea
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 16 April 2006 - 02:10 PM

thanks for the hlep here are the new logs



Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 4/16/2006 3:01:03 PM

Infected! C:\WINDOWS\system32\p46s0ej7eho.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080632.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080641.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080656.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080671.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080682.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080698.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080715.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080731.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080749.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080752.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080772.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080790.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080830.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080847.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080850.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080865.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080873.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080896.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080926.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080939.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0081953.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082228.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082254.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082270.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082308.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082356.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082363.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082376.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082379.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082395.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084406.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084409.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085423.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085436.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086789.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086804.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086931.dll
Infected! C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086945.dll
Infected! C:\WINDOWS\SYSTEM32\beowser.dll
Infected! C:\WINDOWS\SYSTEM32\f42m0ef1eh2.dll
Infected! C:\WINDOWS\SYSTEM32\f8j20i1oe8.dll
Infected! C:\WINDOWS\SYSTEM32\i060lajm1doa.dll
Infected! C:\WINDOWS\SYSTEM32\ibakeng.dll
Infected! C:\WINDOWS\SYSTEM32\ioput.dll
Infected! C:\WINDOWS\SYSTEM32\jtnm0751e.dll
Infected! C:\WINDOWS\SYSTEM32\kauser.dll
Infected! C:\WINDOWS\SYSTEM32\l88m0il1e8q.dll
Infected! C:\WINDOWS\SYSTEM32\mv28l9fu1.dll
Infected! C:\WINDOWS\SYSTEM32\mvj2l91o1.dll
Infected! C:\WINDOWS\SYSTEM32\mzjetoledb40.dll
Infected! C:\WINDOWS\SYSTEM32\p46s0ej7eho.dll
Infected! C:\WINDOWS\SYSTEM32\pmcrt.dll

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\p46s0ej7eho.dll
C:\WINDOWS\system32\p46s0ej7eho.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080632.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080632.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080641.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080641.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080656.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080656.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080671.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080671.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080682.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080682.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080698.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080698.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080715.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080715.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080731.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080731.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080749.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080749.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080752.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080752.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080772.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080772.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080790.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP937\A0080790.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080830.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080830.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080847.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080847.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080850.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080850.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080865.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080865.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080873.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080873.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080896.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080896.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080926.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080926.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080939.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0080939.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0081953.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP939\A0081953.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082228.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082228.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082254.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082254.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082270.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082270.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082308.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082308.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082356.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082356.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082363.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082363.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082376.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082376.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082379.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082379.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082395.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082395.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084406.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084406.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084409.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP942\A0084409.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085423.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085423.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085436.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0085436.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086789.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086789.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086804.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086804.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086931.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086931.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086945.dll
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086945.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\beowser.dll
C:\WINDOWS\SYSTEM32\beowser.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\f42m0ef1eh2.dll
C:\WINDOWS\SYSTEM32\f42m0ef1eh2.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\f8j20i1oe8.dll
C:\WINDOWS\SYSTEM32\f8j20i1oe8.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\i060lajm1doa.dll
C:\WINDOWS\SYSTEM32\i060lajm1doa.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\ibakeng.dll
C:\WINDOWS\SYSTEM32\ibakeng.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\ioput.dll
C:\WINDOWS\SYSTEM32\ioput.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\jtnm0751e.dll
C:\WINDOWS\SYSTEM32\jtnm0751e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\kauser.dll
C:\WINDOWS\SYSTEM32\kauser.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\l88m0il1e8q.dll
C:\WINDOWS\SYSTEM32\l88m0il1e8q.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\mv28l9fu1.dll
C:\WINDOWS\SYSTEM32\mv28l9fu1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\mvj2l91o1.dll
C:\WINDOWS\SYSTEM32\mvj2l91o1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\mzjetoledb40.dll
C:\WINDOWS\SYSTEM32\mzjetoledb40.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\p46s0ej7eho.dll
C:\WINDOWS\SYSTEM32\p46s0ej7eho.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\pmcrt.dll
C:\WINDOWS\SYSTEM32\pmcrt.dll Deleted successfully!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Telephony

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{D440BEEB-3502-4B39-9861-F300F52B5CCA}"
HKCR\Clsid\{D440BEEB-3502-4B39-9861-F300F52B5CCA}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{F8B2AA7C-22B2-42A1-A6E8-C72B62769B25}"
HKCR\Clsid\{F8B2AA7C-22B2-42A1-A6E8-C72B62769B25}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{9B4CA13B-B07D-423D-A457-CA632D399EB2}"
HKCR\Clsid\{9B4CA13B-B07D-423D-A457-CA632D399EB2}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded





Logfile of HijackThis v1.99.1
Scan saved at 3:07:10 PM, on 4/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\QWltZWUgQnV5ZWE\command.exe
C:\Program Files\UB-VPN\cvpnd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\msput.exe
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NavNT\vptray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\windows\mousepad9.exe
C:\WINDOWS\SYSTEM32\mwinrrag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\uWDF.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://education.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\wyffd.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,htlinhw.exe
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard9.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\SYSTEM32\mwinrrag.exe CORN001
O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname9.exe
O4 - HKLM\..\Run: [w003db4e.dll] RUNDLL32.EXE w003db4e.dll,I2 0001079e0003db4e
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Startup: Zeno.lnk = C:\WINDOWS\SYSTEM32\mwinrrag.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: University at Buffalo VPN Client.lnk = C:\Program Files\UB-VPN\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pl: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} - http://www.autodesk.com/global/expressview...ViewerSetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6C191AC-C2AA-44A6-8EC9-F556AE203D6E}: NameServer = 128.205.1.2 128.205.106.1
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QWltZWUgQnV5ZWE\command.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UB-VPN\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Microsoft Startup Manager. (Microsoft Startup Manager) - Unknown owner - C:\WINDOWS\msput.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

#4 Rawe

Rawe

  • Members
  • 2,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:53 PM

Posted 16 April 2006 - 03:07 PM

Hello again.. Well, you have several infections there, so I need you to be patient and do the steps.

Please stick to it and we'll get it :thumbsup: Go ahead and remove Look2Me-Destroyer if you want.

==

Please print these instructions out, or write them down, as you can't read them during the fix.

1. Please download the trial version of Ewido Anti-malware here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

==

2. Please download Brute Force Uninstaller to your desktop.
  • Right-click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to,
  • Click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C:) or whatever your primary drive is
  • Click "Make New Folder"
  • Type in BFU
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

==

4. Please download delcmdservice (by Marckie), and save it to your Desktop.
  • Unzip the content to your Desktop (a folder named delcmdservice).
Do not do anything with these yet!

==

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


==

5. Once in Safe Mode, Run Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close Ewido anti-malware.

==

6. Run delcmdservice:
  • Double-click on the delcmdservice folder on your desktop.
  • Double-click on delreg.bat to launch the tool.
  • When the tool has finished, close it (do NOT reboot!).
==

7. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
  • Start the Brute Force Uninstaller by double-clicking BFU.exe
  • In the Scriptline to execute field type or paste c:\bfu\alcanshorty.bfu
  • Press Execute and let it do itís job. (You ought to see a progress bar if you did this correctly.)
  • Wait for the Complete script execution box to pop up and hit OK.
  • Press Exit to terminate the BFU program.
Reboot into normal Windows and post the contents of Ewido log that you saved along with a fresh HiJackThis log. :flowers:

Edited by Rawe, 16 April 2006 - 03:08 PM.

Hi there, stranger!

#5 ambuyea

ambuyea
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:53 AM

Posted 16 April 2006 - 07:07 PM

i made it through!

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 7:57:07 PM, 4/16/2006
+ Report-Checksum: C15E21FC

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{6001CDF7-6F45-471b-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKU\.DEFAULT\Software\DNS -> Adware.Shorty : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6001CDF7-6F45-471B-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKU\.DEFAULT\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKU\.DEFAULT\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-21-1518271752-513734991-2062923646-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6001CDF7-6F45-471B-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-21-1518271752-513734991-2062923646-1006\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-21-1518271752-513734991-2062923646-1006\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-18\Software\DNS -> Adware.Shorty : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6001CDF7-6F45-471B-A203-0225615E35A7} -> Adware.Generic : Cleaned with backup
HKU\S-1-5-18\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKU\S-1-5-18\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.143:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.276:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.278:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.358:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.359:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.360:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.361:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.372:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.420:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adorigin : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.492:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.500:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.576:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.578:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.579:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.583:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.584:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.585:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.586:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.587:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.697:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.748:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Clickagents : Cleaned with backup
:mozilla.773:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.814:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.832:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.837:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.838:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.846:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.847:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.853:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.860:C:\Documents and Settings\Aimee Buyea\Application Data\Mozilla\Firefox\Profiles\u7zub19d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@data3.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@kmpads[1].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Cookies\aimee buyea@www.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Cookies\aimee buyea@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\Temporary Internet Files\Content.IE5\GPYZC9YB\rcverlib[1].exe -> Downloader.Qoologic.ax : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temp\tp7543.exe -> Downloader.Qoologic.ax : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temporary Internet Files\Content.IE5\HEJHTM0A\rcverlib[1].exe -> Downloader.Qoologic.ax : Cleaned with backup
C:\Documents and Settings\Aimee Buyea\Local Settings\Temporary Internet Files\Content.IE5\SHMVGLUN\AppWrap[1].exe -> Adware.Zestyfind : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JC4H82PX\krw1dn[1].exe -> Downloader.Agent.afi : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JC4H82PX\mousepad1[1].exe -> Hijacker.VB.li : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JC4H82PX\NNSCAA638[1].EXE -> Adware.NewDotNet : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\JC4H82PX\visfx500[1].exe -> Dropper.Agent.aie : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OPQRJ2CD\drdata[1].avi -> Dropper.Agent.aac : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OPQRJ2CD\stubNsbg[1].exe -> Adware.Maxifiles : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OPQRJ2CD\ZICORN001[1].exe -> Adware.ZenoSearch : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WHYEQW8E\Installer[2].exe -> Adware.Look2Me : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Z30NFE70\drdata[1].avi -> Dropper.Agent.aac : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Z30NFE70\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Z30NFE70\stub_113_4_0_4_0[1].exe -> Downloader.TSUpdate.o : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Z30NFE70\WHCC2[1].exe/whAgent.exe -> Adware.WebHancer : Cleaned with backup
C:\krw1dn.exe -> Downloader.Agent.afi : Cleaned with backup
C:\mousepad1.exe -> Hijacker.VB.li : Cleaned with backup
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Cleaned with backup
C:\NNSCAA638.EXE -> Adware.NewDotNet : Cleaned with backup
C:\Program Files\Common Files\InetGet\mc-110-12-0000325.exe -> Dropper.Agent.aac : Cleaned with backup
C:\Program Files\Common Files\InetGet\mc-1645.exe -> Dropper.Agent.aac : Cleaned with backup
C:\Program Files\Common Files\VCClient\SS1001.exe -> Dropper.Small.qn : Cleaned with backup
C:\Program Files\Common Files\Windows\mc-110-12-0000325.exe -> Dropper.Agent.aac : Cleaned with backup
C:\Program Files\Common Files\Windows\mc-1645.exe -> Dropper.Agent.aac : Cleaned with backup
C:\Program Files\Common Files\Windows\services32.exe -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\Network Monitor\netmon.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned with backup
C:\RECYCLER\S-1-5-21-1518271752-513734991-2062923646-1006\Dc3\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup
C:\RECYCLER\S-1-5-21-1518271752-513734991-2062923646-1006\Dc6\Programs\whagent.exe -> Adware.WebHancer : Cleaned with backup
C:\RECYCLER\S-1-5-21-1518271752-513734991-2062923646-1006\Dc6\Programs\whiehlpr.dll -> Adware.WebHancer : Cleaned with backup
C:\RECYCLER\S-1-5-21-1518271752-513734991-2062923646-1006\Dc6\Programs\whsurvey.exe -> Adware.WebHancer : Cleaned with backup
C:\stub_113_4_0_4_0.exe -> Downloader.TSUpdate.o : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP927\A0079057.dll -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP927\A0079091.exe -> Downloader.VB.ya : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP929\A0080315.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP929\A0080316.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP929\A0080319.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080360.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080361.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080364.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080381.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080383.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080386.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080406.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080407.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080410.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080428.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080429.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080432.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP930\A0080435.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080485.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080487.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080490.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080498.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080502.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP933\A0080503.exe -> Adware.NewDotNet : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP934\A0080506.srg -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP934\A0080507.dll -> Adware.WebHancer : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP934\A0080531.exe -> Dropper.Small.qn : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP934\snapshot\MFEX-1.DAT -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080556.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080558.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080561.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080563.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080587.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080590.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080593.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080597.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080616.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080676.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP935\A0080678.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080700.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080703.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP936\A0080705.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP938\A0080806.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082243.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082271.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082272.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082274.dll -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082275.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082280.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082281.srg -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP940\A0082286.exe -> Adware.BargainBuddy : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082298.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082299.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082326.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082327.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082334.exe -> Downloader.PurityScan.au : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082335.exe -> Dropper.VB.kk : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP941\A0082394.DLL -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP943\A0086451.dll -> Adware.WurldMedia : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086953.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086954.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086955.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086956.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086957.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086958.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086959.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086960.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086961.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086962.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086963.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086964.dll -> Adware.Look2Me : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP944\A0086965.dll -> Adware.Look2Me : Cleaned with backup
C:\visfx500.exe -> Dropper.Agent.aie : Cleaned with backup
C:\WHCC2.exe/whAgent.exe -> Adware.WebHancer : Cleaned with backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned with backup
C:\WINDOWS\iconu.exe -> Adware.Zestyfind : Cleaned with backup
C:\WINDOWS\Installer.exe -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\QWltZWUgQnV5ZWE\asappsrv.dll -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\QWltZWUgQnV5ZWE\command.exe -> Adware.CommAd : Cleaned with backup
C:\WINDOWS\SYSTEM32\dwdsregt.exe -> Adware.ZenoSearch : Cleaned with backup
C:\WINDOWS\SYSTEM32\JSEGLIB.DLL -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\SYSTEM32\NESU2T.DLL -> Adware.Look2Me : Cleaned with backup
C:\

Edited by ambuyea, 16 April 2006 - 07:09 PM.


#6 Rawe

Rawe

  • Members
  • 2,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:53 PM

Posted 17 April 2006 - 03:29 AM

Awesome! :thumbsup:

Your Ewido log got cut off, could you paste the rest of it and then post a fresh HijackThis log Posted Image

I have a feeling we cleaned up the most of the crap with those steps.
Hi there, stranger!

#7 Rawe

Rawe

  • Members
  • 2,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:53 PM

Posted 24 April 2006 - 02:47 AM

Due to lack of feedback, this thread has been closed. If you're the original poster and need this Topic reopened, please PM a Staff member with the address of this thread.
Hi there, stranger!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users