Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected W/ Uuzvke.exe, Adw_se.3703, Tkbellexe


  • This topic is locked This topic is locked
14 replies to this topic

#1 sbruce

sbruce

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 08 June 2006 - 04:17 PM

HIJACK log follows

While on a break from my computer, my keyboard stopped working ( mouse fine)--wireless. Tried other wireless, and even a corded keyboard, nothing works. Ran a lot of spyware programs as advised by BleepingComputer consultant, (ewido, housecall, etc.) and normally running Norton and Adaware. He suspected a virus and finally to post here.

In Ewido and housecall I can't delete these 3 files but not sure if these are the real probs since think they predate keyboard issue.

1. adw_se.3703 - didn't know about this one prior to this

2. c:\windows\system32\uuzvke.exe (but this predates the keyboard problem)
I get this message on startup of my computer, even before keyboard problem
(got rid of it once, it's back and don't remember how to get rid of it) --
it sometimes keeps me from booting up properly:

In Ewido, when I go to analysis, start up and try to delete uuzvke.exe it can't be deleted--i press delete, it goes away for a second then pops right back in. also

3. tkbellexe that, like uuzvke.exe, doesn't want to get deleted.

Here are a 2 related/unrelated issues--
1. After doing some of the stuff logitech suggested, I know also get this
message:
0xc0000033 failed to intitalize properly (i click ok and it goes away, sometimes
pops up again, but then I haven't been using my own computer much lately)

2. Last message on startup:
"the OS or another process currently has exclusive access to this drive or some of its files. Norton Disk Doctor cannot continue with a repair." (also predates keyboard problem.

HIJACK log follows
Logfile of HijackThis v1.99.1
Scan saved at 5:13:39 PM, on 6/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
C:\WINDOWS\system32\OSK.exe
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Susan Bruce\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunOnce: [uuzvke.exe] C:\WINDOWS\System32\uuzvke.exe /k
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.3.27/aces...s-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.4.49/back...n-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-6.0.0.25/ca...a-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet/checkers2/...s-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.3.4.49/domi...o-ob-assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.3.0.46/euch...e-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/applet-6.0.4.37/soli...2-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.4.49/gin/gin-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.49/lott...o-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo.com/applet/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.18/nas...r-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.2.31...l-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.3.27/flin...r-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.0.4.31/pino...e-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.1.5.21/popp...2-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.9.3.38/pop...t-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.46/squa...s-ob-assets.cab
O16 - DPF: RaptisoftGameLoader - http://miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0.18/rico...t-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-6.0.0.32/spa...s-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game4.pogo.com/applet-6.0.4.31/spid...r-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.3.38/stax...x-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.4.31...h-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.4.31/hold...m-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.3.27/peak...s-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.3.27/turb...1-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/vid...r-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/word...2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.3.27/whac...n-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game5.pogo.com/applet-6.0.4.31/word...g-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet/worldclass...s-ob-assets.cab
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt1_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt0_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/7d90ae0...all/xscan53.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb02.pogo.com/game/deluxe/insa...aploader_v6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://studentdocs.andover.edu/htcomnet/XUpload.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

BC AdBot (Login to Remove)

 


#2 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 08 June 2006 - 05:22 PM

posting new log--reran hijack from correct drive not desktop.

Logfile of HijackThis v1.99.1
Scan saved at 6:17:42 PM, on 6/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
C:\WINDOWS\system32\OSK.exe
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Susan Bruce\Desktop\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\hijack new\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunOnce: [uuzvke.exe] C:\WINDOWS\System32\uuzvke.exe /k
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.3.27/aces...s-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.4.49/back...n-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-6.0.0.25/ca...a-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet/checkers2/...s-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.3.4.49/domi...o-ob-assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.3.0.46/euch...e-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/applet-6.0.4.37/soli...2-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.4.49/gin/gin-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.49/lott...o-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo.com/applet/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.18/nas...r-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.2.31...l-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.3.27/flin...r-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.0.4.31/pino...e-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.1.5.21/popp...2-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.9.3.38/pop...t-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.46/squa...s-ob-assets.cab
O16 - DPF: RaptisoftGameLoader - http://miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0.18/rico...t-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-6.0.0.32/spa...s-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game4.pogo.com/applet-6.0.4.31/spid...r-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.3.38/stax...x-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.4.31...h-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.4.31/hold...m-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.3.27/peak...s-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.3.27/turb...1-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/vid...r-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/word...2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.3.27/whac...n-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game5.pogo.com/applet-6.0.4.31/word...g-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet/worldclass...s-ob-assets.cab
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt1_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt0_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/7d90ae0...all/xscan53.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb02.pogo.com/game/deluxe/insa...aploader_v6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://studentdocs.andover.edu/htcomnet/XUpload.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#3 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 11 June 2006 - 01:58 AM

Logfile of HijackThis v1.99.1
Scan saved at 2:53:12 AM, on 6/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\SYSTEM32\osk.exe
C:\WINDOWS\SYSTEM32\MSSWCHX.EXE
C:\Program Files\Common Files\Logitech\WebColct\webcolct.exe
C:\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\RunOnce: [uuzvke.exe] C:\WINDOWS\System32\uuzvke.exe /k
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.3.27/aces...s-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.4.49/back...n-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-6.0.0.25/ca...a-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet/checkers2/...s-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.3.4.49/domi...o-ob-assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.3.0.46/euch...e-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/applet-6.0.4.37/soli...2-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.4.49/gin/gin-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.49/lott...o-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo.com/applet/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.18/nas...r-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.2.31...l-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.3.27/flin...r-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.0.4.31/pino...e-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.1.5.21/popp...2-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.9.3.38/pop...t-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.46/squa...s-ob-assets.cab
O16 - DPF: RaptisoftGameLoader - http://miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0.18/rico...t-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-6.0.0.32/spa...s-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game4.pogo.com/applet-6.0.4.31/spid...r-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.3.38/stax...x-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.4.31...h-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.4.31/hold...m-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.3.27/peak...s-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.3.27/turb...1-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/vid...r-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/word...2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.3.27/whac...n-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game5.pogo.com/applet-6.0.4.31/word...g-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet/worldclass...s-ob-assets.cab
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt1_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt0_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/7d90ae0...all/xscan53.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb02.pogo.com/game/deluxe/insa...aploader_v6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://studentdocs.andover.edu/htcomnet/XUpload.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#4 Bobbi Flekman

Bobbi Flekman

    The computer whisperer


  • Malware Response Team
  • 4,423 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 12 June 2006 - 03:59 AM

Hi sbruce,

your log has not been answered because with added posts from yourself it looked like it was already answered.

Update Java:
  • Go to Start > Control Panel double-click on the Software icon > add/remove programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )

    It should have next icon next to it: Posted Image
    Select it and click Remove.
  • Then Download and install the newest version from here:http://www.java.com/en/download/manual.jsp
You might want to save this page on your favorites, so you can find it again when you return. You can also click on your name and click on "Find All Posts" to find your thread.

Run HijackThis, click on "Scan" and check the boxes next to all these items.

O4 - HKLM\..\RunOnce: [uuzvke.exe] C:\WINDOWS\System32\uuzvke.exe /k

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://playweb02.pogo.com/game/deluxe/insa...aploader_v6.cab


Then close all windows, and browsers, except HijackThis. Tell HijackThis to "Fix checked".

Restart your computer in Safe Mode. How do I Safe Boot my computer?

Show hidden files. How do I show hidden files?
At the end if the fix you can return the files to hidden status if you want.

Delete the following files in red (it could be that they are deleted already):

C:\WINDOWS\System32\uuzvke.exe
C:\WINDOWS\SYSTEM32\osk.exe
C:\WINDOWS\SYSTEM32\MSSWCHX.EXE

Restart your computer and post a new log in this thread.

Since I see traces of Fndwhatever, but not the lines connected to HijackThis with them I want you to go to Panda Anti Virus and scan your computer with that. When the scan concludes it gives you the possibility to save the log. Do that and post it here.
Posted Image

#5 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 07:52 AM

Logfile of HijackThis v1.99.1
Scan saved at 8:25:23 AM, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis_sfx\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\Susan Bruce\Application Data\Mozilla\Profiles\default\tuois4qs.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Sunbelt Software\CounterSpy Client\sunasServ.exe
O4 - HKLM\..\RunOnce: [uuzvke.exe] C:\WINDOWS\System32\uuzvke.exe /k
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - Startup: Norton Disk Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\npjpi150_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\npjpi150_07.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.3.27/aces...s-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.4.49/back...n-ob-assets.cab
O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-6.0.0.25/ca...a-ob-assets.cab
O16 - DPF: Checkers by pogo - http://checkers.pogo.com/applet/checkers2/...s-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.3.4.49/domi...o-ob-assets.cab
O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.3.0.46/euch...e-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/applet-6.0.4.37/soli...2-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.4.49/gin/gin-ob-assets.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.49/lott...o-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo.com/applet/mahjong/mahjong-ob-assets.cab
O16 - DPF: NASCAR Web Racing by pogo - http://nascar.pogo.com/applet-5.9.1.18/nas...r-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-5.9.2.31...l-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.3.27/flin...r-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.0.4.31/pino...e-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.1.5.21/popp...2-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://poppit.pogo.com/applet-5.9.3.38/pop...t-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.46/squa...s-ob-assets.cab
O16 - DPF: RaptisoftGameLoader - http://miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: Ricochet by pogo - http://game3.pogo.com/applet-5.9.0.18/rico...t-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-6.0.0.32/spa...s-ob-assets.cab
O16 - DPF: Spider Solitaire by pogo - http://game4.pogo.com/applet-6.0.4.31/spid...r-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.3.38/stax...x-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.4.31...h-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.4.31/hold...m-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.3.27/peak...s-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.3.27/turb...1-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://vpoker.pogo.com/applet-6.0.3.28/vid...r-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/word...2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.3.27/whac...n-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game5.pogo.com/applet-6.0.4.31/word...g-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet/worldclass...s-ob-assets.cab
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/games/clients/y/at0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt1_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt0_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/wt0_x.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/7d90ae0...all/xscan53.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://studentdocs.andover.edu/htcomnet/XUpload.ocx
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#6 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 08:03 AM

Here is some additional information since I did the steps you suggested above.
First, my onscreen keyboard is not working (I am sending this via another computer) -- all that comes up is the magnifier. I tried turning it off in the accessibilities utilities, rebooting, etc. Something must have gotten modified--so I don't have any type of keyboard

2. I cannot seem to download Panda. Can you send me the direct link so I can cut and paste in in IE. I normally use Netscape. It seems to get hung up on the download even when I do it through IE and try to navigate through the site.

3. I deleted the Java--didn't delete the Java Web file since it was different than you indicated--and reinstalled

4. I deleted 2 of the 3 files you indicated. uuzvke.exe wasn't on the list
However, on reboot, I get the same error message.
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#7 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 11:18 AM

Okay, after retrying Panda, it told me I needed to uninstall Norton System Works because it is incompatible with Panda. So I have done that and will now download Panda and run the scan. I will post that log as soon as I have it.

Do I now also need to run a new HJT scan and post a new log since my computer has changed?

It is a real challenge trying to do all this without any type of keyboard. I had to cut and past from other documents to fill in the Panda info screen. Quite funny when I am not pulling my hair out in frustration. I am kind of missing that onscreen keyboard, as much as I hated it previously.

thanks...
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#8 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 02:56 PM

Ok, I finally installed Panda (Titanium Antivirus 2006 and antispyware) and got it to run. That log follows in this message.
I had to uninstall Norton System Works in order to install Panda.
Panda found 1674 infected files, disinfected 68, and renamed 1666.

One disturbing thing--my inbox is empty. Those emails in subfolders weren't touched, but all the others in my current inbox were deleted (?). Where are they? I wonder if these 171 messages were part of the 1666 renamed files.

On start up of my computer I still get the can't find the System32\uuzvke.exe message, but it did boot the first time.

I still have no onscreen keyboard, or other keyboard

Should I dump my Norton for Panda? I am leaving Panda on (trial version) and Norton off for now. I feel like my problems are getting worse!! Help! Am I sinking? lol

Here is Panda log: I have to send it in two parts--it is too long. Maybe it will need more parts, sorry.



INBOX: susanbruce

Help Sign Out




















Panda Titanium 2006 Antivirus + Antispyware incident report

EVENT DATE
RESULTS ADDITIONAL INFORMATION
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
------
Adware detected: Adware/Adtomi 06/12/06 14:58:03
Eliminated Location: C:\WINDOWS\SYSTEM32\mirindaspk.exe
Adware detected: Adware/WurldMedia 06/12/06 14:59:12
Eliminated Location: C:\WINDOWS\SYSTEM32\winbpupd.exe
Scan completed 06/12/06 12:48:18
Scan: Pop-up menu
Scan completed 06/12/06 14:59:27
Scan: All hard disks
Scan started 06/12/06 12:48:17
Scan: Pop-up menu
Scan started 06/12/06 12:56:11
Scan: All hard disks
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:40
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2172_5fd4ee5c8_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:17
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:21
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program


Part 2 of Panda log

Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:57:53
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:40
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2172_5fd4ee5c8_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:40
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2172_5fd4ee5c8_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:40
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2172_5fd4ee5c8_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:09
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:59:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28213_582fbcf6f_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#9 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 03:02 PM

MORE PANDA LOG-
Spyware detected: Cookie/2o7 06/12/06 13:58:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\23256_5e691a2e0_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
Spyware detected: Cookie/2o7 06/12/06 13:58:32
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2040_5a7bcb54a_[]
Spyware detected: Cookie/360i 06/12/06 13:58:47
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22286_5793ebbb6_[]
Spyware detected: Cookie/360i 06/12/06 13:58:07
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_54030b26f_[]
Spyware detected: Cookie/360i 06/12/06 13:58:07
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_54030b26f_[]
Spyware detected: Cookie/360i 06/12/06 13:59:38
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9454_504746d7c_[]
Spyware detected: Cookie/360i 06/12/06 13:59:35
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\8819_5816f8000_[]
Spyware detected: Cookie/360i 06/12/06 13:58:08
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_54030b26f_[]
Spyware detected: Cookie/360i 06/12/06 13:57:58
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12954_53f7072f2_[]
Spyware detected: Cookie/360i 06/12/06 13:57:58
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12954_53f7072f2_[]
Spyware detected: Cookie/360i 06/12/06 13:59:02
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\24151_5d1f3fd95_[]
Spyware detected: Cookie/360i 06/12/06 13:59:41
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9499_5fec1c483_[]
Spyware detected: Cookie/360i 06/12/06 13:59:38
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9454_504746d7c_[]
Spyware detected: Cookie/360i 06/12/06 13:59:38
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9454_504746d7c_[]
Spyware detected: Cookie/360i 06/12/06 13:58:44
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22225_55c72494d_[]
Spyware detected: Cookie/360i 06/12/06 13:58:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13616_5b519f75e_[]
Spyware detected: Cookie/360i 06/12/06 13:58:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13616_5b519f75e_[]
Spyware detected: Cookie/360i 06/12/06 13:58:44
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22225_55c72494d_[]
Spyware detected: Cookie/360i 06/12/06 13:58:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13616_5b519f75e_[]
Spyware detected: Cookie/360i 06/12/06 13:58:44
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22225_55c72494d_[]
Spyware detected: Cookie/360i 06/12/06 13:58:01
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13318_54c3011f4_[]
Spyware detected: Cookie/360i 06/12/06 13:58:01
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13318_54c3011f4_[]
Spyware detected: Cookie/360i 06/12/06 13:59:02
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\24151_5d1f3fd95_[]
Spyware detected: Cookie/360i 06/12/06 13:59:36
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9203_5f7f4b7f8_[]
Spyware detected: Cookie/360i 06/12/06 13:59:36
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9203_5f7f4b7f8_[]
Spyware detected: Cookie/360i 06/12/06 13:59:41
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9499_5fec1c483_[]
Spyware detected: Cookie/360i 06/12/06 13:59:02
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\24151_5d1f3fd95_[]
Spyware detected: Cookie/360i 06/12/06 13:58:01
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13318_54c3011f4_[]
Spyware detected: Cookie/360i 06/12/06 13:59:36
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9203_5f7f4b7f8_[]
Spyware detected: Cookie/360i 06/12/06 13:58:10
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_5c656b23a_[]
Spyware detected: Cookie/360i 06/12/06 13:58:10
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_5c656b23a_[]
Spyware detected: Cookie/360i 06/12/06 13:58:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22319_56d1ee3b6_[]
Spyware detected: Cookie/360i 06/12/06 13:58:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22319_56d1ee3b6_[]
Spyware detected: Cookie/360i 06/12/06 13:59:40
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9499_5fec1c483_[]
Spyware detected: Cookie/360i 06/12/06 13:57:58
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12954_53f7072f2_[]
Spyware detected: Cookie/360i 06/12/06 13:58:47
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22286_5793ebbb6_[]
Spyware detected: Cookie/360i 06/12/06 13:58:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19117_5652a60ef_[]
Spyware detected: Cookie/360i 06/12/06 13:59:35
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\8819_5816f8000_[]
Spyware detected: Cookie/360i 06/12/06 13:58:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13583_54c4a4c5b_[]
Spyware detected: Cookie/360i 06/12/06 13:58:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19117_5652a60ef_[]
Spyware detected: Cookie/360i 06/12/06 13:58:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13583_54c4a4c5b_[]
Spyware detected: Cookie/360i 06/12/06 13:58:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13583_54c4a4c5b_[]
Spyware detected: Cookie/360i 06/12/06 13:58:47
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22286_5793ebbb6_[]
Spyware detected: Cookie/360i 06/12/06 13:58:10
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\13662_5c656b23a_[]
Spyware detected: Cookie/360i 06/12/06 13:59:35
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\8819_5816f8000_[]
Spyware detected: Cookie/360i 06/12/06 13:57:55
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/360i 06/12/06 13:58:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19117_5652a60ef_[]
Spyware detected: Cookie/360i 06/12/06 13:58:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22319_56d1ee3b6_[]
Spyware detected: Cookie/360i 06/12/06 13:59:42
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9860_5b37cec15_[]
Spyware detected: Cookie/360i 06/12/06 13:59:42
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9860_5b37cec15_[]
Spyware detected: Cookie/360i 06/12/06 13:59:42
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\9860_5b37cec15_[]
Spyware detected: Cookie/Adrevolver 06/12/06 13:59:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/Adrevolver 06/12/06 13:57:56
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:20
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19117_5652a60ef_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:01
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\24151_5d1f3fd95_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:46
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22286_5793ebbb6_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:20
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19117_5652a60ef_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:27
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:15
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:50
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22319_56d1ee3b6_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:26
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:46
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22286_5793ebbb6_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:42
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22225_55c72494d_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:42
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22225_55c72494d_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:01
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\24151_5d1f3fd95_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:27
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4627_59bf88ca7_[]
Spyware detected: Cookie/Adserver 06/12/06 13:59:15
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\28712_56e467bdd_[]
Spyware detected: Cookie/Adserver 06/12/06 13:58:50
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\22319_56d1ee3b6_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:12
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\16150_5208d362a_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:43
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_559a21cba_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:54
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\12541_54f14e1c1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:36
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_50cdffcf9_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2693_502d597db_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2693_502d597db_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\4582_53ef28a1d_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:36
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_50cdffcf9_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19070_5a099bee0_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19070_5a099bee0_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19070_5a099bee0_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2693_5720c69a1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:05
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2693_5720c69a1_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11627_59f68f077_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:04
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_5d5ef4599_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:23
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11627_59f68f077_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:51
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11627_59f68f077_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:04
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_5d5ef4599_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:04
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2647_5053e6479_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:04
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2647_5053e6479_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:49
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11097_5e433ba84_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:04
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_5d5ef4599_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:49
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11097_5e433ba84_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:49
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11097_5e433ba84_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_56e0d24e6_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_56e0d24e6_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:48
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11034_5bd9923c4_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:48
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11034_5bd9923c4_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:22
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\31674_556dea7f7_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:48
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\11034_5bd9923c4_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_58ba75bac_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_58ba75bac_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:03
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\2444_58ba75bac_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:31
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\20109_5e0287601_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:43
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_559a21cba_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:43
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_559a21cba_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:31
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\20109_5e0287601_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:33
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\21202_583bb1cdf_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:33
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\21202_583bb1cdf_[]
Spyware detected: Cookie/Advertising 06/12/06 13:59:18
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\29478_5a2ca09fc_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:44
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_5601b96bb_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:33
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\21202_583bb1cdf_[]
Spyware detected: Cookie/Advertising 06/12/06 13:57:46
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\10960_56a13ec3b_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19120_54ee1031f_[]
Spyware detected: Cookie/Advertising 06/12/06 13:58:25
Notified Location: C:\Program
Files\Support.com\backup\co\cookies.txt\19120_54ee1031f_[]
Spyware d
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#10 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 12 June 2006 - 03:05 PM

There lots more, but this is ridiculous. Let me know if you want it. It will take about 5 or 6 more postings.
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#11 Bobbi Flekman

Bobbi Flekman

    The computer whisperer


  • Malware Response Team
  • 4,423 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 13 June 2006 - 04:35 AM

Hi sbruce,

Launch Notepad, and copy/paste the box below into a new text file. Save it as fixme.reg and save it on your Desktop.

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"uuzvke.exe"=-

Locate fixme.reg on your Desktop and double-click on it.
You will receive a prompt similar to: "Do you wish to merge the information into the registry?".
Answer "Yes" and wait for a message to appear similar to "Merged Successfully".

The above Registry file was written specifically for this infection on this person's computer. It is NOT to be used on another computer, as it may cause damage that could result in a format!

Here is some additional information since I did the steps you suggested above.
First, my onscreen keyboard is not working (I am sending this via another computer) -- all that comes up is the magnifier. I tried turning it off in the accessibilities utilities, rebooting, etc. Something must have gotten modified--so I don't have any type of keyboard

I don't understand this. Since you were able to get Panda working, do I understand that the keyboard is working again?

4. I deleted 2 of the 3 files you indicated. uuzvke.exe wasn't on the list
However, on reboot, I get the same error message.

I think it'll be gone now.

It is a real challenge trying to do all this without any type of keyboard. I had to cut and past from other documents to fill in the Panda info screen. Quite funny when I am not pulling my hair out in frustration. I am kind of missing that onscreen keyboard, as much as I hated it previously.

What program is this? As far as I know I haven't told you to delete something like a keyboard program... So it doesn't ring a bell.

Ok, I finally installed Panda (Titanium Antivirus 2006 and antispyware) and got it to run. That log follows in this message.

You installed Panda itself..... I wanted you to run the online scan! Okay, I can understand that that is trouble with Norton... The online scan would have worked perfectly next to Norton.

One disturbing thing--my inbox is empty. Those emails in subfolders weren't touched, but all the others in my current inbox were deleted (?). Where are they? I wonder if these 171 messages were part of the 1666 renamed files.

Maybe the log will tell me. From what I see a lot of cookies got deleted, but as you said it is not all...

Should I dump my Norton for Panda? I am leaving Panda on (trial version) and Norton off for now. I feel like my problems are getting worse!! Help! Am I sinking? lol

Personally I like Panda more, but as I said before I wanted you to do the online scan.

There lots more, but this is ridiculous. Let me know if you want it. It will take about 5 or 6 more postings.

You can attach the log, if need be. If it doesn't we'll devise another way.
Posted Image

#12 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 13 June 2006 - 06:43 AM

1. i saved the file on my desktop as fixme.reg as instructed, but when I try to launch it I get the message:

"Cannot import c:\documents.....desktop\figme.reg. The specified file is not a registry script. You can only import binary registry files from within the registry editor."

I cut and pasted the line you indicated into notepad, saved as fixme.reg When I double click, I hit yes, and then I get the error message.


So now what do I do?

2. I HAVE NO KEYBOARD AT ALL NOW. I was able to get Panda working even without a keyboard--very crafty moves on my part with the mouse. Anyway, as far as I know nothing was deleted previously (except the files in HJT), so I don't understand either. It seems that the Magnifier (in Accessories) is what is being launched when I click on onscreen keyboard now. And when I click on Magnifier, it is the same thing, just the magnifier---still no keyboard (thought maybe they got swapped). ( I am using another computer in the house.) Anyway, somehow, the file was corrupted or something. I have looked for a download on line, but can't seem to find one. Remember--my keyboard malfunction is what started this mess. Is there a download that you know of that I can install?

3. I couldn't run your Panda link because of the keyboard not being available, that is why I downloaded Panda. But I gather it did the same thing even though I had to uninstall Norton.

4. What do you want me to do about the Panda scan results. Is there some other way that I can post it??? It is huge. Maybe then we can figure out what happened to my email.

Hope you can help.
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#13 Bobbi Flekman

Bobbi Flekman

    The computer whisperer


  • Malware Response Team
  • 4,423 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 13 June 2006 - 07:56 AM

1. i saved the file on my desktop as fixme.reg as instructed, but when I try to launch it I get the message:

"Cannot import c:\documents.....desktop\figme.reg. The specified file is not a registry script. You can only import binary registry files from within the registry editor."

I cut and pasted the line you indicated into notepad, saved as fixme.reg When I double click, I hit yes, and then I get the error message.

Did you use Notepad? Have you checked that it looks exactly like the part in the box? Did you save it as "All Files"?

2. I HAVE NO KEYBOARD AT ALL NOW. I was able to get Panda working even without a keyboard--very crafty moves on my part with the mouse. Anyway, as far as I know nothing was deleted previously (except the files in HJT), so I don't understand either. It seems that the Magnifier (in Accessories) is what is being launched when I click on onscreen keyboard now. And when I click on Magnifier, it is the same thing, just the magnifier---still no keyboard (thought maybe they got swapped). ( I am using another computer in the house.) Anyway, somehow, the file was corrupted or something. I have looked for a download on line, but can't seem to find one. Remember--my keyboard malfunction is what started this mess. Is there a download that you know of that I can install?

From what I know your system is seriously messed up. Do you have any idea what happened exactly. You can try uninstalling Norton stuff by default. And with uninstalling Norton I mean everything (SytemWorks, Urtilities, Internet Security, anything that says Norton). The reason is that Norton buries itself very, very deep in the system, and can cause trouble that way... If a corded keyboard doesn't work either, then either the port it is connected to has died or the drivers needed for the keyboard got corrupted. This would mean a reinstall of Windows? Have you tried to restore the computer with System Restore to a point that this did not happen?

4. What do you want me to do about the Panda scan results. Is there some other way that I can post it??? It is huge. Maybe then we can figure out what happened to my email.

Have you tried to attach it a post? See the file attachments thingy a few lines down...

Hope you can help.

I can try. :thumbsup:
Posted Image

#14 sbruce

sbruce
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:06:32 AM

Posted 16 June 2006 - 11:03 AM

I reinstalled my OS. Thanks for your help. All set now.

However, at one point in this "fix" I was told to delete osk.exe as it was some sort of malware--turns out it was my On Screen Keyboard.
Also, during one of the Panda scans, my email inbox was wiped out, except for those emails saved in the subfolders.
Even when I returned to pre-wipe out stage of my computer, my emails were gone. Caused me a lot of headaches. Thought you'd like the feedback.
HAGD
XP Pro 2002, SP 2; HP Intell T2400 1.83 GHz
987 Mhz .099 GB RAM; MS Outlook; Anti virus: AVAST; LAVASOFT Ad-aware;
Firefox 2.0.0.9

#15 Bobbi Flekman

Bobbi Flekman

    The computer whisperer


  • Malware Response Team
  • 4,423 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:32 PM

Posted 17 June 2006 - 04:02 AM

Hi sbruce,

However, at one point in this "fix" I was told to delete osk.exe as it was some sort of malware--turns out it was my On Screen Keyboard.

That would have been me... From what I researched I had seen that it was malware.

LiveChat Adware - known file names include: mssetup.exe, kstatus.exe, spoolsv.exe, sptsupd.exe, osk.exe, msswchx.exe, netdde.exe, msbkup.exe

Also from what I gathered you had the keyboard trouble before I told you to get rid of osk.exe... Am I missing something? That goes to show people have to double/triple check. My apologies.

Thought you'd like the feedback.

Thanks for sharing.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users