Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help With Infected Computer


  • Please log in to reply
9 replies to this topic

#1 hhhisariel

hhhisariel

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:41 AM

Posted 15 June 2006 - 01:10 PM

Hello

I would really appreciate it if anybody could help me out here. I am getting LOADS of popups, most of them saying surf sidekick in the top blue bar. I have searched my computer for surf sidekick and found one folder called surf sidekick 3 but have no way of un-installing it. Please help me.

Here is my hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 19:07:16, on 15/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\Lg\command.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\defender26.exe
C:\WINDOWS\System32\csrrs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\test\MYDOCU~1\CROSOF~1.NET\msiexec.exe
C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\msconfig.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\taskmgr.exe
C:\Program Files\TClock\TClock.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\morpheus\morpheus.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\winver.exe
C:\Documents and Settings\test\Desktop\Mike\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.co.uk/
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll
O4 - HKLM\..\Run: [csr] csrrs.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [defender] C:\\defender26.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\RunServices: [csr] csrrs.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Cucr] "C:\DOCUME~1\test\MYDOCU~1\CROSOF~1.NET\msiexec.exe" -vt yazr
O4 - HKCU\..\Run: [Uecsygac] C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: msconfig.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: taskmgr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1FA224-DEDC-4636-80CE-33CA9D50664E}: NameServer = 62.6.40.162 194.74.65.69
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\fp8203loe.dll (file missing)
O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\fpjo0313e.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Lg\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

BC AdBot (Login to Remove)

 


#2 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 June 2006 - 04:54 AM

Hi hhhisariel and Welcome to the Bleeping Computer!

Could you also post an uninstall list for me please,
  • Start HijackThis
  • Click on the Config button
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
  • Click on the Save list... button and specify where you would like to save this file.
  • When you press Save button a notepad will open with the contents of that file.
  • Simply copy and paste the contents of that notepad into this topic please.


#3 hhhisariel

hhhisariel
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 17 June 2006 - 10:11 AM

Heya, thankyou for your reply.

Since I posted here I have installed and run Norton Virus Scan, Zone Alarm Pro and Spybot Search & Destroy. So far I have not had any popups after I deleted the 100`s of viruses and spyware that these programs found. However, I will post another Hijack This log followed by my uninstall list, could you have a look and let me know if everythinbg is now ok. Thankyou.



Adobe Reader 6.0.1
Ahead Nero Burning ROM
AVIcodec (remove only)
AviSynth 2.5
Aztech CNR2900 V.90 Modem
Azureus
BT Broadband Basic Help
BT Voyager 105 ADSL Modem
CA eTrust PestPatrol Anti-Spyware
CC_ccStart
ccCommon
Conquest 3.0
DirectX Happy Uninstall v3.86
DivX
DivX Converter
DivX Player
DivX Web Player
eMule
Freecom Personal Media Suite 1.27
Google Earth
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Video Player
HijackThis 1.99.1
Internet Explorer Q867801
iPod for Windows 2005-09-23
iPod for Windows 2006-03-23
IpWins
iTunes
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Lexmark Supplies Monitor
Lexmark Z25-Z35
LiveReg (Symantec Corporation)
LiveUpdate 1.90 (Symantec Corporation)
Macromedia Flash Player 8
Macromedia Shockwave Player
MailFrontier Desktop
Microsoft Office XP Professional with FrontPage
Microsoft XML Parser and SDK
Morpheus Toolbar
Mozilla Firefox (1.5.0.4)
MSN Messenger 6.2
MSN Toolbar
MSRedist
Mud Master
MUSHclient (remove only)
Nokia Connectivity Cable Driver
Nokia PC Suite
NokiaFREE Unlock Codes Calculator
Norton AntiVirus 2004 Professional
Norton AntiVirus 2004 Professional (Symantec Corporation)
Norton AntiVirus Parent MSI
Norton AntiVirus SYMLT MSI
Outlook Express Q823353
PCPitstop Panda AntiVirus Scan (remove only)
PowerDVD
QuickTime
SigmaTel C-Major Audio
Spybot - Search & Destroy 1.4
Spyware Doctor 3.8
Symantec Script Blocking Installer
SymNet
ToolBar888
USB Storage Device v1.14e035
VobSub v2.05 (Remove Only)
WinAce Archiver
Windows Media ASF View 9 Series
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Hotfix [See Q828026 for more information]
Windows XP Application Compatibility Update[Q319580]
Windows XP Hotfix - KB823182
Windows XP Hotfix - KB823559
Windows XP Hotfix - KB824105
Windows XP Hotfix - KB824141
Windows XP Hotfix - KB825119
Windows XP Hotfix - KB828035
Windows XP Hotfix - KB828741
Windows XP Hotfix - KB835732
Windows XP Hotfix - KB837001
Windows XP Hotfix - KB839643
Windows XP Hotfix - KB839645
Windows XP Hotfix - KB840315
Windows XP Hotfix - KB840374
Windows XP Hotfix - KB841873
Windows XP Hotfix - KB842773
Windows XP Hotfix (SP1) [See Q307271 for more information]
Windows XP Hotfix (SP1) [See Q309521 for more information]
Windows XP Hotfix (SP1) [See Q311889 for more information]
Windows XP Hotfix (SP1) [See Q311967 for more information]
Windows XP Hotfix (SP1) [See Q313450 for more information]
Windows XP Hotfix (SP1) [See Q315000 for more information]
Windows XP Hotfix (SP1) [See Q315403 for more information]
Windows XP Hotfix (SP1) [See Q317277 for more information]
Windows XP Hotfix (SP1) [See Q318138 for more information]
Windows XP Hotfix (SP1) [See Q323172 for more information]
Windows XP Hotfix (SP1) [See Q324096 for more information]
Windows XP Hotfix (SP1) [See Q324380 for more information]
Windows XP Hotfix (SP1) [See Q326830 for more information]
Windows XP Hotfix (SP1) [See Q328940 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q811493
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
Windows XP Hotfix (SP1) Q819696
Windows XP Hotfix (SP2) [See Q329115 for more information]
WinZip
Yazzle by OIN
ZoneAlarm Security Suite




Logfile of HijackThis v1.99.1
Scan saved at 16:11:30, on 17/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\defender26.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\test\MYDOCU~1\CROSOF~1.NET\msiexec.exe
C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\ZoneLabs\isafe.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\test\Desktop\Mike\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.co.uk/
R3 - Default URLSearchHook is missing
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [defender] C:\\defender26.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Cucr] "C:\DOCUME~1\test\MYDOCU~1\CROSOF~1.NET\msiexec.exe" -vt yazr
O4 - HKCU\..\Run: [Uecsygac] C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1FA224-DEDC-4636-80CE-33CA9D50664E}: NameServer = 62.6.40.162 194.74.65.69
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\fp8203loe.dll (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#4 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 June 2006 - 10:25 AM

Go to Add\Remove Programs and Remove these,follow any prompts to restart after running each.

Yazzle by OIN

ToolBar888

Morpheus Toolbar

IpWins



1. Please download Ewido Anti-Malware
  • Install ewido anti-malware
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

    You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
  • Exit Ewido, do not run the scan yet!
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

2. Please download Brute Force Uninstaller to your desktop.
  • Right click the BFU folder on your desktop, and choose Extract All
  • Click "Next"
  • In the box to choose where to extract the files to,
  • Click "Browse"
  • Click on the + sign next to "My Computer"
  • Click on "Local Disk (C:) or whatever your primary drive is
  • Click "Make New Folder"
  • Type in BFU
  • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

Do not do anything with these yet!

Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.

4. Once in Safe Mode, Open Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.

5. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
  • Start the Brute Force Uninstaller by doubleclicking BFU.exe
  • Behind the scriptline to execute field click the folder icon Posted Image and select alcanshorty.bfu
  • Press Execute and let the program do itís job. (You ought to see a progress bar if you did this correctly.)
  • Wait for the complete script execution box to pop up and press OK.
  • Press exit to terminate the BFU program.
Reboot into normal windows and post the contents of Ewido text report that you saved and a new HiJackThis log.

#5 hhhisariel

hhhisariel
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:41 AM

Posted 17 June 2006 - 03:10 PM

Hello

Here is the Ewido report, followed by the Hijack log



---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 20:58:40, 17/06/2006
+ Report-Checksum: 60824A32

+ Scan result:

HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj\CLSID -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj\CurVer -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-448539723-527237240-725345543-500\Software\180solutions -> Adware.180Solutions : Cleaned with backup
HKU\S-1-5-21-448539723-527237240-725345543-500\Software\msbb -> Adware.180Solutions : Cleaned with backup
C:\defender26.exe -> Hijacker.VB.ly : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads49.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\14LUSCHH\bridge-c18[1].cab/BridgeX.dll -> Downloader.Briss.a : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.6:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.10:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.11:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.18:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.19:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.28:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.29:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.30:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.59:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup
:mozilla.60:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.61:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.65:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.66:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.67:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.87:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.88:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.89:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.90:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.95:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.96:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.144:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.212:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.213:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.238:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.255:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.261:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.262:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.263:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.270:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.271:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.272:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.273:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.274:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.285:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.286:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.287:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.288:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.289:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.290:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.291:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.292:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.293:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.307:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.308:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.309:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.310:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.343:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.344:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.346:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.347:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.348:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.349:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.370:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.371:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.372:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.373:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.380:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.381:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.382:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.383:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.384:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.385:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.386:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.387:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.388:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.389:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.390:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.391:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.392:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.393:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.406:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.407:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.424:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.426:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.630:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.832:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.833:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.834:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.835:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.838:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.839:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.840:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.841:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.842:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.843:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.844:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.845:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.851:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.852:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.861:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.862:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.869:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.870:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.871:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.872:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.873:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.874:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.875:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.876:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.877:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.878:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.879:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.880:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.881:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.882:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.883:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.884:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.886:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.887:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad.adocean[2].txt -> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@banner.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ilead.itrack[1].txt -> TrackingCookie.Itrack : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@programs.wegcash[1].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@server.lon.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@service.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tracking.g3x[1].txt -> TrackingCookie.G3x : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@try.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\Cache\B23E4567d01 -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\!update.exe -> Adware.ClickSpring : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@kmpads[1].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\Content.IE5\PGCJ1TGD\!update-3920[1].0000 -> Adware.ClickSpring : Cleaned with backup
C:\Documents and Settings\test\My Documents\Μіcrosoft.NET\msiexec.exe -> Adware.ClickSpring : Cleaned with backup
C:\Program Files\Common Files\mqmm\mqmmd\mqmmc.dll -> Adware.TargetServer : Cleaned with backup
C:\Program Files\Common Files\services.exe -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\DNS\Catcher.dll -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SideFind -> Adware.SideFind : Cleaned with backup
C:\Program Files\SideFind\update -> Adware.SideFind : Cleaned with backup
C:\RECYCLER\NPROTECT\00581900.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581901.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581902.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581903.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581904.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581905.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581906.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581907.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581908.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581909.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581910.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581911.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581913.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581914.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581915.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581916.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581917.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581918.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581919.TXT -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\RECYCLER\NPROTECT\00581925.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00581926.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00581949.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581950.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581951.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581955.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581956.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581957.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581958.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581959.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581960.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582079.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00582080.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582081.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582082.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582088.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582089.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582090.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582099.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582100.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582101.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582102.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582103.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582104.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582107.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582108.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582109.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582182.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582183.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582184.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582186.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582187.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582188.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582189.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582190.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582191.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582192.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582193.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582194.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582198.TXT -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\RECYCLER\NPROTECT\00582541.TXT -> TrackingCookie.Casalemedia : Cleaned with backup
C:\RECYCLER\NPROTECT\00582559.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582560.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582561.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582564.TXT -> TrackingCookie.Bluestreak : Cleaned with backup
C:\RECYCLER\NPROTECT\00582566.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582567.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582568.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582569.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582570.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582577.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582578.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582579.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582580.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582581.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582582.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582583.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582584.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582585.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582586.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582587.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582588.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582609.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582610.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582611.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582612.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582627.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582628.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582629.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582630.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582631.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582662.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582664.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582666.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582670.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582671.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582672.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582674.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582675.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582676.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582677.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582678.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582679.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582680.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582681.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582686.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582687.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582688.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582689.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582690.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582691.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582692.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582693.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582694.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582696.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582697.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582698.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582699.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582700.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582701.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582703.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582704.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582705.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582706.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582707.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582708.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582710.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582711.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582712.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582713.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582714.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582715.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582728.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582729.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582730.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582731.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582732.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582733.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582735.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582736.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582737.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582743.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582744.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582745.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582746.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582747.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582748.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582749.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582768.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582769.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582770.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582772.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582773.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582774.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582777.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582778.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582779.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582785.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582786.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582787.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582788.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582795.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582796.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582797.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582798.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582799.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582800.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582803.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582804.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582805.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582806.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582807.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582808.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582813.TXT -> TrackingCookie.Adjuggler : Cleaned with backup
C:\RECYCLER\NPROTECT\00582814.TXT -> TrackingCookie.Adjuggler : Cleaned with backup
C:\RECYCLER\NPROTECT\00582815.TXT -> TrackingCookie.Adjuggler : Cleaned with backup
C:\RECYCLER\NPROTECT\00582833.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582834.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582835.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582836.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582837.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582838.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582839.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582840.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582841.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582854.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582855.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582856.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582858.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582859.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582860.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582863.TXT -> TrackingCookie.2o7 : Cleaned with backup
C:\RECYCLER\NPROTECT\00582864.TXT -> TrackingCookie.2o7 : Cleaned with backup
C:\RECYCLER\NPROTECT\00582869.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582870.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582871.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582877.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582878.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582879.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582880.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582881.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582882.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582883.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582884.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582885.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582886.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582887.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582888.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582889.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582896.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582922.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582923.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582924.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582928.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582929.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582930.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582931.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00582932.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00582948.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582949.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582950.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582956.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582957.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582958.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582959.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00582975.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582976.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582977.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582978.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582991.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582992.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582993.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582994.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582997.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582998.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582999.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00583001.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583002.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583003.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583004.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583005.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583006.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583009.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583010.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583011.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583013.TXT -> TrackingCookie.Qksrv : Cleaned with backup
C:\RECYCLER\NPROTECT\00583014.TXT -> TrackingCookie.Statcounter : Cleaned with backup
C:\RECYCLER\NPROTECT\00583015.TXT -> TrackingCookie.Statcounter : Cleaned with backup
C:\RECYCLER\NPROTECT\00583020.TXT -> TrackingCookie.2o7 : Cleaned with backup
C:\RECYCLER\NPROTECT\00583021.TXT -> TrackingCookie.2o7 : Cleaned with backup
C:\RECYCLER\NPROTECT\00583024.TXT -> TrackingCookie.Statcounter : Cleaned with backup
C:\RECYCLER\NPROTECT\00583027.TXT -> TrackingCookie.Statcounter : Cleaned with backup
C:\RECYCLER\NPROTECT\00583029.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583030.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583031.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583034.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583035.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583036.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583037.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583038.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583039.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583040.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583041.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583042.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583043.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583044.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583045.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583046.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583047.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583048.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583049.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00583050.TXT

#6 hhhisariel

hhhisariel
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 17 June 2006 - 03:12 PM

Not sure if that worked, will try again here

Logfile of HijackThis v1.99.1
Scan saved at 21:10:20, on 17/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\ZoneLabs\isafe.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\test\Desktop\Mike\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.co.uk/
R3 - Default URLSearchHook is missing
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [Cucr] "C:\DOCUME~1\test\MYDOCU~1\CROSOF~1.NET\msiexec.exe" -vt yazr
O4 - HKCU\..\Run: [Uecsygac] C:\Documents and Settings\test\My Documents\?dobe\w?nword.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1FA224-DEDC-4636-80CE-33CA9D50664E}: NameServer = 62.6.40.162 194.74.65.69
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\fp8203loe.dll (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe




---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 20:58:40, 17/06/2006
+ Report-Checksum: 60824A32

+ Scan result:

HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj\CLSID -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\TwaintecDll.TwaintecDllObj\CurVer -> Adware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : Cleaned with backup
HKU\S-1-5-21-448539723-527237240-725345543-500\Software\180solutions -> Adware.180Solutions : Cleaned with backup
HKU\S-1-5-21-448539723-527237240-725345543-500\Software\msbb -> Adware.180Solutions : Cleaned with backup
C:\defender26.exe -> Hijacker.VB.ly : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@ads49.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\14LUSCHH\bridge-c18[1].cab/BridgeX.dll -> Downloader.Briss.a : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.6:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.10:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.11:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.12:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.13:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.18:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.19:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.28:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.29:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.30:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.59:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup
:mozilla.60:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.61:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.65:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.66:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.67:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.87:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.88:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.89:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.90:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.95:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.96:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.144:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.212:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.213:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.238:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.255:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.261:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.262:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.263:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.270:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.271:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.272:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.273:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.274:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.285:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.286:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.287:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.288:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.289:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.290:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.291:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.292:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.293:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.307:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.308:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.309:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.310:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.343:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.344:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.346:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.347:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.348:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.349:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.370:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.371:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.372:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.373:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.380:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.381:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.382:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.383:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.384:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.385:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.386:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.387:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.388:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.389:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.390:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.391:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.392:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.393:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.406:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.407:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.424:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.426:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.630:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.832:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.833:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.834:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.835:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.838:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.839:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.840:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.841:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.842:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.843:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.844:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.845:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned with backup
:mozilla.851:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.852:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
:mozilla.861:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.862:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.869:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.870:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.871:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.872:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.873:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.874:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.875:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.876:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.877:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.878:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.879:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.880:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.881:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.882:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.883:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.884:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.886:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
:mozilla.887:C:\Documents and Settings\test\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@aavalue[1].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@abetterinternet[2].txt -> TrackingCookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad.adocean[2].txt -> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@banner.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@eztracks.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@ilead.itrack[1].txt -> TrackingCookie.Itrack : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@programs.wegcash[1].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@server.lon.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@service.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tracking.g3x[1].txt -> TrackingCookie.G3x : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@try.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Cookies\test@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Application Data\Mozilla\Firefox\Profiles\jyherq7m.default\Cache\B23E4567d01 -> Not-A-Virus.Downloader.Win32.WinFixer.j : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\!update.exe -> Adware.ClickSpring : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@kmpads[1].txt -> TrackingCookie.Kmpads : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temp\Cookies\test@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\Content.IE5\PGCJ1TGD\!update-3920[1].0000 -> Adware.ClickSpring : Cleaned with backup
C:\Documents and Settings\test\My Documents\Μіcrosoft.NET\msiexec.exe -> Adware.ClickSpring : Cleaned with backup
C:\Program Files\Common Files\mqmm\mqmmd\mqmmc.dll -> Adware.TargetServer : Cleaned with backup
C:\Program Files\Common Files\services.exe -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\DNS\Catcher.dll -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : Cleaned with backup
C:\Program Files\SideFind -> Adware.SideFind : Cleaned with backup
C:\Program Files\SideFind\update -> Adware.SideFind : Cleaned with backup
C:\RECYCLER\NPROTECT\00581900.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581901.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581902.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581903.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581904.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581905.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581906.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581907.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581908.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581909.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581910.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581911.TXT -> TrackingCookie.Serving-sys : Cleaned with backup
C:\RECYCLER\NPROTECT\00581913.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581914.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581915.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581916.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581917.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581918.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581919.TXT -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\RECYCLER\NPROTECT\00581925.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00581926.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00581949.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581950.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581951.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581955.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581956.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581957.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581958.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581959.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00581960.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582079.TXT -> TrackingCookie.Overture : Cleaned with backup
C:\RECYCLER\NPROTECT\00582080.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582081.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582082.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582088.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582089.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582090.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582099.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582100.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582101.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582102.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582103.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582104.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582107.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582108.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582109.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582182.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582183.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582184.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582186.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582187.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582188.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582189.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582190.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582191.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582192.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582193.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582194.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582198.TXT -> TrackingCookie.Cpvfeed : Cleaned with backup
C:\RECYCLER\NPROTECT\00582541.TXT -> TrackingCookie.Casalemedia : Cleaned with backup
C:\RECYCLER\NPROTECT\00582559.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582560.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582561.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582564.TXT -> TrackingCookie.Bluestreak : Cleaned with backup
C:\RECYCLER\NPROTECT\00582566.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582567.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582568.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582569.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582570.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582577.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582578.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582579.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582580.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582581.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582582.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582583.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582584.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582585.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582586.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582587.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582588.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582609.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582610.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582611.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582612.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582627.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582628.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582629.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582630.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582631.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582662.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582664.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582666.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582670.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582671.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582672.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582674.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582675.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582676.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582677.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582678.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582679.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582680.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582681.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582686.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582687.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582688.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582689.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582690.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582691.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582692.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582693.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582694.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582696.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582697.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582698.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582699.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582700.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582701.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582703.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582704.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582705.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582706.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582707.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582708.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582710.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582711.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582712.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582713.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582714.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582715.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582728.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582729.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582730.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582731.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582732.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582733.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582735.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582736.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582737.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582743.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582744.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582745.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582746.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582747.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582748.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582749.TXT -> TrackingCookie.Reliablestats : Cleaned with backup
C:\RECYCLER\NPROTECT\00582768.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582769.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582770.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582772.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582773.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582774.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582777.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582778.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582779.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582785.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582786.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582787.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582788.TXT -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\RECYCLER\NPROTECT\00582795.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582796.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582797.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582798.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582799.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT\00582800.TXT -> TrackingCookie.Kmpads : Cleaned with backup
C:\RECYCLER\NPROTECT

#7 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 17 June 2006 - 04:19 PM

Navigate Here,Download and Run the OuterInfo Uninstaller.


You allready have BFU which is needed in the next step.

Download sidekickFix.bat (rightclick on that link and choose save as)
  • Place sidekickFix.bat in your C:\BFU - folder. (Important!)
  • Close all browsers and explorer folders.
  • Double-click on sidekickFix.bat
  • Click Yes and follow the prompts, when prompted to restart the PC please do so.
Once restarted,Please download Look2Me-Destroyer.exe to your desktop.
  • Close all windows before continuing.
  • Double-click Look2Me-Destroyer.exe to run it.
  • Put a check next to Run this program as a task.
  • You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 1 minute. Click OK
  • When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
  • Once it's done scanning, click the Remove L2M button.
  • You will receive a Done Scanning message, click OK.
  • When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
  • Your computer will then shutdown.
  • Turn your computer back on.
  • Please post the contents of Look2Me-Destroyer.txt (it can be found wherever you saved Look2Me-Destroyer.exe) and a new HiJackThis log.
If Look2Me-Destroyer does not reopen automatically, reboot and try again.

#8 hhhisariel

hhhisariel
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:41 AM

Posted 18 June 2006 - 08:57 AM

Here you go, thankyou for all your help.


Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 18/06/2006 14:46:19

Infected! C:\WINDOWS\system32\fp8203loe.dll

Attempting to delete infected files...

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SideBySide
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\StillImage

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{0C87B6C5-ECD3-45E3-99B1-4A22F1DEBB8F}"
HKCR\Clsid\{0C87B6C5-ECD3-45E3-99B1-4A22F1DEBB8F}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded





Logfile of HijackThis v1.99.1
Scan saved at 14:56:57, on 18/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TClock\TClock.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\ZoneLabs\isafe.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\test\Desktop\Mike\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.co.uk/
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Program Files\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1FA224-DEDC-4636-80CE-33CA9D50664E}: NameServer = 62.6.40.162 194.74.65.69
O20 - AppInit_DLLs: repairs303169587.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#9 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 19 June 2006 - 04:45 AM

Did the sidekick fix seem to go OK?


Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yet

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

O3 - Toolbar: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)

O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe

O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)

O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll (file missing)

O20 - AppInit_DLLs: repairs303169587.dll

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button


Locate and Delete this folder

C:\Program Files\TClock


Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Be sure to run ATF for Firefox as well as the default settings.


Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
Post back with a fresh HijackThis log and the report from CureIt

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:41 AM

Posted 13 May 2013 - 06:00 AM

Hi,

 

After trying the instructions in my previous post, please do the following next:

:step1:

Do you know what the below folders are for?

C:\Users\Harish\AppData\Roaming\Dirty
C:\Users\Harish\AppData\Local\Dirty


:step2:

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:
  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the <ENTER> key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

 


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users