Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

W32.hllw.donk.b


  • This topic is locked This topic is locked
24 replies to this topic

#1 MadnessLover

MadnessLover

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 30 July 2006 - 12:29 AM

Well, I'm pretty sure W32.HLLW.Donk.B and cool.exe is the same thing. I've tried googling it, and it wants me to shut off automatic updates, and do a full system scan. I did that and 10 minutes later cool.exe was running again... So here I am. I got this computer used from my brother, so sorry the log is so long... I would appreciate some help. I've gone through 4 of 5 other topics, and they all seem to be about 3/4 the length of mine... That's bad right? And my antivirus software (Nod32) keeps giving me a warning about somethign along the lines of 'Busky Trojan' or something... Busky something... And I have to click terminate again every 30 minutes or so.

Logfile of HijackThis v1.99.1
Scan saved at 12:22:13 AM, on 7/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\iTunesHelper.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32.exe
C:\WINDOWS\system32\cleanmgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Owner\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM ® - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0DD4ADBE-E91D-48CC-9A04-87EA1674E385} (PerfTesAXDemo Control) - http://gamer.ubicom.com/benchmarks/PerfTes...Xproj_aug23.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - http://www.powerflasher.de/plugin/powerres.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/wizlet/...flowActiveX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O18 - Protocol: bw+0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Iso Recorder\ImapiHelper.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

BC AdBot (Login to Remove)

 


m

#2 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 30 July 2006 - 04:11 AM

First download ewido anti-spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run ewido and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:
  • Lauch ewido-anti-spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • ewido will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close ewido and reboot your system back into Normal Mode and post the results of the ewido report scan and a new HijackThis log.

Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#3 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 30 July 2006 - 12:13 PM

Ok, cool.exe is still there. Over a thousand files found, but I don't really see a difference in speed. When cool.exe is there, my mouse freezes up every few seconds. Here's my new HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 12:09:14 PM, on 7/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\Owner\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM ® - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0DD4ADBE-E91D-48CC-9A04-87EA1674E385} (PerfTesAXDemo Control) - http://gamer.ubicom.com/benchmarks/PerfTes...Xproj_aug23.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - http://www.powerflasher.de/plugin/powerres.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/wizlet/...flowActiveX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O18 - Protocol: bw+0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Iso Recorder\ImapiHelper.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

And did you want me to give you the report too?

#4 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 30 July 2006 - 11:58 PM

Yes. Do this also. Click here to download SmitfraudFix (by S!Ri). Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#5 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 31 July 2006 - 12:10 AM

Ok, here's the report.


I'm going to have to split this into 2 posts, the report is too long to be placed in one...

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:48:15 AM 7/30/2006

+ Scan result:



HKLM\SOFTWARE\180solutions -> Adware.180Solutions : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\__unin__.exe -> Adware.Altnet : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp\dmfiles.cab/AltnetUninstall.exe -> Adware.Altnet : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp\pmexe.cab/Points Manager.exe -> Adware.Altnet : No action taken.
C:\WINDOWS\system32\BO2802040113.dll -> Adware.BargainBuddy : No action taken.
C:\WINDOWS\system32\KVIF_7.dll -> Adware.BargainBuddy : No action taken.
C:\WINDOWS\system32\mbbi8016.dll -> Adware.BargainBuddy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\W3PHWHVP\712995[1].exe -> Adware.Beginto : No action taken.
C:\WINDOWS\712995.exe -> Adware.Beginto : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI1ADA.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI1DC9.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI1DC9.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI226D.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI226D.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI2558.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI2558.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3099.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3099.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3527.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3527.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3552.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3552.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3CDC.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI3CDC.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI46E1.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI4D51.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI4D51.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI52D9.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI52D9.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI5374.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI5374.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI5630.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI5630.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI56F2.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI56F2.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI5B45.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI62A3.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI62A3.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI6ADE.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI6ADE.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI737D.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI737D.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI74C2.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI74C2.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7500.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7500.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7945.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7945.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7B48.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7FBE.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THI7FBE.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THIF3A.tmp\mxTarget.cab/mxTarget.dll -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\THIF3A.tmp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\mxTarget.cab/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20040816072039125.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20040818172211171.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20040903151308156.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20040906202247734.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20040908220728359.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\20041006215521062.zip/WINDOWS/preInsMt.exe -> Adware.BiSpy : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp\pmfiles.cab/sysdetect.dll -> Adware.BrilliantDigital : No action taken.
HKLM\SOFTWARE\Wast -> Adware.BroadCastPC : No action taken.
C:\WINDOWS\system32\KVIF_11.exe -> Adware.EZula : No action taken.
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : No action taken.
C:\Program Files\Microsoft AntiSpyware\Quarantine\9DD9EFD2-6096-4C03-A107-0E93F6\77DF9F4E-A5F7-4341-B103-FDBAED -> Adware.NewDotNet : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\wu.exe -> Adware.SaveNow : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5D.tmp -> Adware.TotalVelocity : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E.tmp -> Adware.TotalVelocity : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5F.tmp -> Adware.TotalVelocity : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp\Tvm.exe -> Adware.TotalVelocity : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp\TvmBho.dll -> Adware.TotalVelocity : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp\TvmCore.dll -> Adware.TotalVelocity : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\CDABGLAN\bridge-c24[1].cab/SyncroAdX.dll -> Adware.WinAD : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\win9DE.tmp.exe -> Downloader.Small : No action taken.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.a : No action taken.
C:\Program Files\hix\scripts\IPLookup\portscan.exe -> Not-A-Virus.NetTool.Win32.Scan.12 : No action taken.
:mozilla.212:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.7:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.247realmedia : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq88.tmp -> TrackingCookie.247realmedia : No action taken.
:mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.118:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.11:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.121:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.126:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.127:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.12:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.17:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.18:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.19:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.214:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.215:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.216:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.217:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.218:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.219:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.430:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.430:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.440:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.443:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.61:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.61:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.6:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.6:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.716:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.716:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.75:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.75:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.76:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.76:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.773:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.7:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.836:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.836:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.847:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.873:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.91:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.91:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.92:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.92:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.95:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.9:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq89.tmp -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAB.tmp -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6E.tmp -> TrackingCookie.Ad-logics : No action taken.
:mozilla.131:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.132:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.133:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.259:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.259:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.260:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.260:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.261:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.261:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.262:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.262:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.267:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.267:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.268:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.268:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.28:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.29:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.320:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.454:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.54:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.643:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.643:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.706:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.832:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.928:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.279:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.304:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.307:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.308:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.309:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.797:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.797:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Addynamix : No action taken.
:mozilla.295:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.296:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.297:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.794:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.794:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.795:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.795:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.943:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.944:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.945:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.141:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.142:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.143:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.144:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.401:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.402:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.403:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.404:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.412:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.413:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.414:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.586:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.587:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.588:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.589:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.590:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.591:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.804:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.804:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.805:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.805:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.806:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.806:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.807:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.807:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.808:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.808:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.341:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.342:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.343:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.344:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.345:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.346:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.429:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.430:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Adserver : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7E.tmp -> TrackingCookie.Adserver : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC3.tmp -> TrackingCookie.Adserver : No action taken.
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.49:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.54:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.54:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Advertising : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6F.tmp -> TrackingCookie.Advertising : No action taken.
C:\Program Files\Yah

#6 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 31 July 2006 - 12:12 AM

:mozilla.572:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.705:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.839:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.887:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.887:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.888:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.888:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.889:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.889:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Hitbox : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq161.tmp -> TrackingCookie.Hitbox : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq165.tmp -> TrackingCookie.Hitbox : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq166.tmp -> TrackingCookie.Hitbox : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq96.tmp -> TrackingCookie.Hitbox : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB6.tmp -> TrackingCookie.Hitbox : No action taken.
:mozilla.644:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.645:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.646:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.647:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.203:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.904:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.904:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.163:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Hypertracker : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq167.tmp -> TrackingCookie.Hypertracker : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq97.tmp -> TrackingCookie.Hypertracker : No action taken.
:mozilla.186:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Internetfuel : No action taken.
:mozilla.187:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Internetfuel : No action taken.
:mozilla.188:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Internetfuel : No action taken.
:mozilla.189:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Internetfuel : No action taken.
:mozilla.190:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Internetfuel : No action taken.
:mozilla.625:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Ivwbox : No action taken.
:mozilla.205:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.304:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.304:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.401:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.341:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.341:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.342:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.342:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB7.tmp -> TrackingCookie.Mediaplex : No action taken.
:mozilla.783:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.783:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.784:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.784:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.785:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.785:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.786:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.786:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.787:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.787:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.958:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.959:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.960:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Onestat : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq99.tmp -> TrackingCookie.Onestat : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqBA.tmp -> TrackingCookie.Onestat : No action taken.
:mozilla.216:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.217:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.240:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Overture : No action taken.
:mozilla.392:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Overture : No action taken.
:mozilla.837:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Overture : No action taken.
:mozilla.837:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Overture : No action taken.
:mozilla.225:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paycounter : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB8.tmp -> TrackingCookie.Paycounter : No action taken.
:mozilla.226:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paypopup : No action taken.
:mozilla.227:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paypopup : No action taken.
:mozilla.228:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paypopup : No action taken.
:mozilla.229:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paypopup : No action taken.
:mozilla.230:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Paypopup : No action taken.
:mozilla.207:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.207:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.208:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.208:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.209:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.209:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.210:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.210:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.211:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.211:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.212:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.212:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.351:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.352:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.353:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.354:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.375:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.376:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.377:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.378:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.736:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.737:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.906:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.906:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.908:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.908:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Qksrv : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq168.tmp -> TrackingCookie.Qksrv : No action taken.
:mozilla.155:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.156:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.157:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.165:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.166:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.167:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.168:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.168:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.246:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.282:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.283:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.284:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq82.tmp -> TrackingCookie.Questionmarket : No action taken.
:mozilla.368:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Realcastmedia : No action taken.
:mozilla.369:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Realcastmedia : No action taken.
:mozilla.258:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.310:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.311:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.424:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Revenue : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq83.tmp -> TrackingCookie.Revenue : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB9.tmp -> TrackingCookie.Revenue : No action taken.
:mozilla.901:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Roispy : No action taken.
:mozilla.902:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Roispy : No action taken.
:mozilla.903:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Roispy : No action taken.
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.312:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.312:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.313:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.313:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.314:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.314:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.315:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.315:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.316:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.316:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.317:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.317:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.318:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.318:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.464:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.465:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.466:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.467:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq76.tmp -> TrackingCookie.Ru4 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq81.tmp -> TrackingCookie.Ru4 : No action taken.
:mozilla.269:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.270:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.271:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.272:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.273:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.633:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.633:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.634:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.634:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.635:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.635:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.636:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.636:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.637:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.637:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq80.tmp -> TrackingCookie.Serving-sys : No action taken.
:mozilla.267:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.268:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.269:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.476:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.476:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.477:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.477:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.478:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Sexlist : No action taken.
:mozilla.478:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Sexlist : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC1.tmp -> TrackingCookie.Sextracker : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC2.tmp -> TrackingCookie.Sextracker : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7B.tmp -> TrackingCookie.Shopathomeselect : No action taken.
:mozilla.397:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.398:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.32:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.33:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.34:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.479:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.479:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.480:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.482:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.483:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.483:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.540:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.541:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.604:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.605:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.606:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.607:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.608:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Specificclick : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB1.tmp -> TrackingCookie.Specificclick : No action taken.
:mozilla.206:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Spylog : No action taken.
:mozilla.270:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.271:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.271:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.271:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.272:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.272:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.273:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.273:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.274:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.274:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.274:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.275:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.275:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.275:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.276:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.278:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.278:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.278:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.278:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.279:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.279:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.279:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.279:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.280:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\6eb20bky.Default User2\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.280:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.280:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.280:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.281:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.281:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.281:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.282:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.282:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.282:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.283:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.283:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.283:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.284:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.284:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.285:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.285:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.286:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.286:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.287:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.287:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.288:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.288:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.289:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.289:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.290:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.290:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.291:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.291:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.292:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.292:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.293:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.293:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.294:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.294:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.295:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.295:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.296:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.296:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.297:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.297:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.299:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.299:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.300:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.300:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.301:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.301:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.302:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.302:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.303:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-2.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.303:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-3.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.419:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.420:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.421:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.422:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.423:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.424:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq169.tmp -> TrackingCookie.Statcounter : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9A.tmp -> TrackingCookie.Statcounter : No action taken.
:mozilla.101:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.102:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nynk1wtt.Default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.139:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.140:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\enpm1smr.Default User\cookies-4.txt -> TrackingCookie.Tacoda : No action taken.
:mo

#7 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 31 July 2006 - 12:15 AM

Mostly cookies, however, it's reporting 'No action taken'. You need to set it to quarantine - see my instructions above. Could you repeat and repost.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#8 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 31 July 2006 - 08:36 AM

Ok, I did it again (though I'm positive I had it set to quarantine the first time) but the 1000 or so files didn't show up again... What to do...

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:38:57 AM 7/31/2006

+ Scan result:



HKU\S-1-5-21-2168450592-3986728544-612689915-1003\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
:mozilla.49:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
:mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\8ak2f468.victor\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win186.tmp -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win4C7.tmp -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win7B6.tmp -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\winB74.tmp -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YF69WH2L\srvgax[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YF69WH2L\srvvko[1].exe -> Trojan.Pakes : Cleaned with backup (quarantined).


::Report end

EDIT: Ok, the report says no action taken (the first report) but I just checked my quarantine, and the files that say 'no action taken' are in there... There's over a thousand in there, so I think it DID quarantine them, but the report just says it didn't... I also seem to have the win???.tmp thing that refuses to die... If you can help me there too, I'd be extremely grateful.

Edited by MadnessLover, 31 July 2006 - 03:00 PM.


#9 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 01 August 2006 - 12:58 AM

OK, post a new HJT log for me to look at.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#10 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 01 August 2006 - 01:01 AM

Right then. I haven't seen Cool.EXE for a little bit, that's good right?

Logfile of HijackThis v1.99.1
Scan saved at 1:03:54 AM, on 8/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM ® - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0DD4ADBE-E91D-48CC-9A04-87EA1674E385} (PerfTesAXDemo Control) - http://gamer.ubicom.com/benchmarks/PerfTes...Xproj_aug23.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - http://www.powerflasher.de/plugin/powerres.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/wizlet/...flowActiveX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: EGSPIYH - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\EGSPIYH.exe (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Iso Recorder\ImapiHelper.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Edited by MadnessLover, 01 August 2006 - 01:11 AM.


#11 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 01 August 2006 - 01:11 AM

Could you search for cool.exe and post the path to it if found?

Make sure that you have no browser windows open as this could prevent the fix from working properly. Open HijackThis, scan and when complete, remove the following entries by checking the box to the left and clicking 'fixed checked':

O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.com/games/popcaploader_v5.cab
O23 - Service: EGSPIYH - Unknown owner - C:\DOCUME~1\Owner\LOCALS~1\Temp\EGSPIYH.exe (file missing)


Exit HijackThis when done. Reboot, rescan with HijackThis and post a new log here.

Also do this. Download and run Silent Runners.vbs from HERE

It generates a log, please post the information back in this thread
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#12 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 01 August 2006 - 01:57 AM

It took a while, but I got everything done.

Cool.exe is in C:WINDOWS/SYSTEM32

I fixed the three you told me to fix in your last post.

And finally, the Silent Runners log.

"Silent Runners.vbs", revision 46, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"SP2 Connection Patcher" = ""C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200" [null data]
"LDM" = "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"PS2" = "C:\WINDOWS\system32\ps2.exe" ["Hewlett-Packard Company"]
"NvCplDaemon" = ""RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"nwiz" = ""nwiz.exe" /install" ["NVIDIA Corporation"]
"NvMediaCenter" = ""RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS]
"Windows Defender" = ""C:\Program Files\Windows Defender\MSASCui.exe" -hide" [MS]
"Logitech Hardware Abstraction Layer" = "KHALMNPR.EXE" ["Logitech Inc."]
"iTunesHelper" = ""C:\Program Files\QuickTime\iTunesHelper.exe"" ["Apple Computer, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"HP Software Update" = ""C:\Program Files\HP\HP Software Update\HPWuSchd.exe"" ["Hewlett-Packard"]
"HP Component Manager" = ""C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"" ["Hewlett-Packard Company"]
"nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]
"Zone Labs Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll" ["Yahoo! Inc."]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{48346A88-125A-422E-8955-C7824382C833}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mljjh.dll" [null data]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
{E521797A-22DE-4B46-8B2F-8E98AB77B942}\(Default) = (no title provided)
-> {HKLM...CLSID} = "MSEvents Object"
\InProcServer32\(Default) = "C:\WINDOWS\system32\iifgdde.dll" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"
-> {HKLM...CLSID} = "RecordNow! SendToExt"
\InProcServer32\(Default) = "c:\Program Files\RecordNow!\shlext.dll" ["Sonic Solutions"]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealOne Player\rpshell.dll" ["RealNetworks, Inc."]
"{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" = "SampleView"
-> {HKLM...CLSID} = "SampleView"
\InProcServer32\(Default) = "C:\WINDOWS\System32\ShellvRTF.dll" ["XSS"]
"{6E3C607A-B99C-4FA8-98F5-1AC1ADF7F5B9}" = "MediaFace extension"
-> {HKLM...CLSID} = "ShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Fellowes\MediaFACE 4.0\MFShlExt.dll" ["Fellowes, Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {HKLM...CLSID} = "Portable Media Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}" = "PhotoToys"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\phototoys.dll" [MS]
"{5464D816-CF16-4784-B9F3-75C0DB52B499}" = "Yahoo! Mail"
-> {HKLM...CLSID} = "YMailShellExt Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi20041123.dll" ["Yahoo! Inc."]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {HKLM...CLSID} = "Shell Search Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\QuickTime\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
"{34F4B935-17DC-4885-8BC9-CCD1ADF42F93}" = "Record ISO Image to CD"
-> {HKLM...CLSID} = "CISORecorderContextMenu Object"
\InProcServer32\(Default) = "C:\Program Files\Iso Recorder\ISORecorder.dll" ["Alex Feinman"]
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}" = "ShellLink for Application References"
-> {HKLM...CLSID} = "ShellLink for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}" = "Shell Icon Handler for Application References"
-> {HKLM...CLSID} = "Shell Icon Handler for Application References"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WIFD1F~1\MpShHook.dll" [MS]
INFECTION WARNING! "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."]
INFECTION WARNING! "{E521797A-22DE-4B46-8B2F-8E98AB77B942}" = "*b" (unwritable string)
-> {HKLM...CLSID} = "MSEvents Object"
\InProcServer32\(Default) = "C:\WINDOWS\system32\iifgdde.dll" [null data]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]
INFECTION WARNING! iifgdde\DLLName = "iifgdde.dll" [null data]
INFECTION WARNING! mljjh\DLLName = "C:\WINDOWS\system32\mljjh.dll" [null data]
INFECTION WARNING! WgaLogon\DLLName = "WgaLogon.dll" [MS]
INFECTION WARNING! wineij32\DLLName = "wineij32.dll" [file not found]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
MediaFaceExtension\(Default) = "{6E3C607A-B99C-4FA8-98F5-1AC1ADF7F5B9}"
-> {HKLM...CLSID} = "ShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Fellowes\MediaFACE 4.0\MFShlExt.dll" ["Fellowes, Inc."]
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Yahoo! Mail\(Default) = "{5464D816-CF16-4784-B9F3-75C0DB52B499}"
-> {HKLM...CLSID} = "YMailShellExt Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi20041123.dll" ["Yahoo! Inc."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]
MediaFaceExtension\(Default) = "{6E3C607A-B99C-4FA8-98F5-1AC1ADF7F5B9}"
-> {HKLM...CLSID} = "ShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Fellowes\MediaFACE 4.0\MFShlExt.dll" ["Fellowes, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Create ISO Image from directory\(Default) = "{34F4B935-17DC-4885-8BC9-CCD1ADF42F93}"
-> {HKLM...CLSID} = "CISORecorderContextMenu Object"
\InProcServer32\(Default) = "C:\Program Files\Iso Recorder\ISORecorder.dll" ["Alex Feinman"]
NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" [null data]
SpySweeper\(Default) = "{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"
-> {HKLM...CLSID} = "Webroot Spy Sweeper Context Menu Integration"
\InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" [file not found]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "H:\My stuff\Halo Stuff\Halo.bmp"


Startup items in "Owner" & "All Users" startup folders:
-------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"HP Digital Imaging Monitor" -> shortcut to: "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ["Hewlett-Packard Co."]
"Logitech Desktop Messenger" -> shortcut to: "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe /start" ["Logitech"]
"Logitech SetPoint" -> shortcut to: "C:\Program Files\Logitech\SetPoint\SetPoint.exe" ["Logitech Inc."]
"Run Nintendo Wi-Fi USB Connector Registration Tool" -> shortcut to: "C:\Program Files\WiFiConnector\NintendoWFCReg.exe" [empty string]


Enabled Scheduled Tasks:
------------------------

"HP DArC Task #Hewlett-Packard#hp psc 1300 series#1152114861" -> launches: "C:\Program Files\HP\hpcoretech\comp\hpdarc.exe /#Hewlett-Packard#hp psc 1300 series#1152114861" ["Hewlett-Packard Company"]
"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\System32\nwprovau.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
imon.dll ["Eset "], 01 - 05, 16
%SystemRoot%\system32\mswsock.dll [MS], 06 - 08, 11 - 15, 17 - 28
%SystemRoot%\system32\rsvpsp.dll [MS], 09 - 10


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll" ["Yahoo! Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll" ["Yahoo! Inc."]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM ®"
"Exec" = "C:\Program Files\AIM95\aim.exe" ["America Online, Inc."]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
[Strings]: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Missing lines (compared with English-language version):
[Strings]: 1 line


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

ewido anti-spyware 4.0 guard, ewido anti-spyware 4.0 guard, "C:\Program Files\ewido anti-spyware 4.0\guard.exe" ["Anti-Malware Development a.s."]
HTTP SSL, HTTPFilter, "C:\WINDOWS\System32\svchost.exe -k HTTPFilter" {"C:\WINDOWS\System32\w3ssl.dll" [MS]}
iPodService, iPodService, "C:\Program Files\iPod\bin\iPodService.exe" ["Apple Computer, Inc."]
MSSQL$SONY_MEDIAMGR, MSSQL$SONY_MEDIAMGR, "C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR" [MS]
NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\system32\HPZipm12.exe" ["HP"]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs, LLC"]
Windows Defender Service, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
HP Standard TCP/IP Port\Driver = "HpTcpMon.dll" ["Hewlett Packard"]
hpzsnt09\Driver = "hpzsnt09.dll" ["HP"]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 87 seconds, including 19 seconds for message boxes)

The funny thing is, I didn't get a popup window saying Silent Runners was done, so I was sitting there for 15 minutes waiting...

#13 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 01 August 2006 - 02:14 AM

Thought as much - hidden Vundo. Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will shutdown your computer, click OK.
  • Turn your computer back on.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#14 MadnessLover

MadnessLover
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:55 PM

Posted 01 August 2006 - 11:02 AM

No Vundo found. Um... I'll just post the stuff anyway, it's probaly a new variation... Or something... I'm not so great with this kind of stuff...

VundoFix V5.1.6

Checking Java version...

Java version is 1.4.2.3

Java version is 1.4.2.6

Java version is 1.5.0.3

Java version is 1.5.0.4

Java version is 1.5.0.5

Java version is 1.5.0.6

Scan started at 10:13:39 AM 8/1/2006

Listing files found while scanning....

No infected files were found.

No infected files were found.



Logfile of HijackThis v1.99.1
Scan saved at 11:01:27 AM, on 8/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\windows\system32\VundoFix.exe
C:\Program Files\AIM95\aim.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SP2 Connection Patcher] "C:\Program Files\SP2 Connection Patcher\SP2ConnPatcher.exe" -n=200
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM ® - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0DD4ADBE-E91D-48CC-9A04-87EA1674E385} (PerfTesAXDemo Control) - http://gamer.ubicom.com/benchmarks/PerfTes...Xproj_aug23.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - http://www.powerflasher.de/plugin/powerres.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/wizlet/...flowActiveX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: bw+0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {BD0B2F7F-9D4E-4724-8605-489C9507D3CF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Iso Recorder\ImapiHelper.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#15 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:55 AM

Posted 01 August 2006 - 04:23 PM

Looks like it. Download The Avenger by Swandog46, and save it to your Desktop. Extract avenger.exe from the Zip file and save it to your desktop

Run avenger.exe by double-clicking on it.
Check the 'Input script manually' box.
Click on the magnifying glass icon.
Copy everything in the code box below (don't copy the word "CODE in the box header, just the box contents starting at Files to delete) and paste it in the box that opens:

WARNING: This script is not a general fix. If you are not this user, running this script could damage your system

Files to delete:
C:\WINDOWS\system32\mljjh.dll
C:\WINDOWS\system32\iifgdde.dll

Now click the 'Done' button.
Click on the traffic light icon and OK the prompt.
You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it manually.

Please post a new HijackThis log and the log file from Avenger at C:\avenger.txt
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users