Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Screen Is Very Dim; May Be A Trojan Zlob


  • Please log in to reply
15 replies to this topic

#1 philhead

philhead

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 September 2006 - 03:04 PM

Hi,

My laptop monitor is very dim, so much so that the only way I can see it at all is by having direct light through my window shine on it. I have run scans with AdAware, Spybot, and AVG antivirus, and they have not fixed the problem. I have run HijackThis and created a log, here is a copy:


Logfile of HijackThis v1.99.1
Scan saved at 12:49:06 PM, on 9/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wltray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myuw.washington.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.washington.edu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by the University of Washington
O1 - Hosts: 64.237.53.4 ad.doubleclick.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {39A76562-DCFC-F422-D2EB-F00A750AA6CC} - C:\WINDOWS\system32\emyr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Protection Bar - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - C:\Program Files\strCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [DadApp] C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [R4z] C:\documents and settings\katie sorg\local settings\temp\R4z.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [PTRGMYGK] rundll32.exe ptmg1v.dll,DllRunMain
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [UWICKCD] D:\AUTORUN\UWICK.EXE D:\AUTORUN
O4 - HKCU\..\Run: [Kitdtj] C:\WINDOWS\system32\w?auclt.exe
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Katie Sorg\Application Data\eetu.exe
O4 - HKCU\..\Run: [CMS_RSChecker] "C:\Documents and Settings\Katie Sorg\Desktop\RSFAN.exe" -m
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.washington.edu
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tri...Transporter.cab?
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Common Files\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - C:\WINDOWS\system32\oqabf.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe



Any help on this would be greatly appreciated, as the laptop is needed for classes this quarter.

Thanks,

Phil

BC AdBot (Login to Remove)

 


#2 rubiconeye

rubiconeye

  • Members
  • 156 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 30 September 2006 - 03:20 PM

hi, philhead,

have you tried adjusting your screen brightness/contrast settings?

try also starting in safemode, is the screen any better then, if so maybe try to update your graphics/screen drivers

#3 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 September 2006 - 03:50 PM

Hi rubicon,

I tried adjusting the brightness and contrast, and it was still incredibly dim restarting in safe mode. Anything else I can try?

Phil

#4 rubiconeye

rubiconeye

  • Members
  • 156 posts
  • OFFLINE
  •  
  • Local time:04:14 AM

Posted 30 September 2006 - 04:05 PM

how old is your laptop?

try attaching it to an external monitor, if an external monitor shows ok and your laptop is old, then chances are the screen is kaput, but i'm no expert on laptop displays. you could always try upgrading the drivers anyway, nothing to lose.

maybe someone will have better ideas.

#5 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 30 September 2006 - 04:35 PM

It's a pretty old laptop, so I suppose that could be the issue. I actually have tried connecting another monitor, but it didn't work either. Thanks for your help, rubicon. Maybe somebody else knows something!

Phil

#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:14 AM

Posted 01 October 2006 - 07:35 AM

On the off chance that this is a driver issue - you could try updating your motherboard/chipset drivers and your video drivers to see if it fixes the problem.

To be extra cautious, you can remove the drivers first, then reboot. Don't let the wizard reinstall the drivers (cancel out of it) - then double click on the new drivers to install them.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 01 October 2006 - 08:38 AM

Hi philhead,

Just glancing a your log, I see some pretty nasty adware and some unknown files. Altho it may not fix your problem, some of it does mess with your desktop so it needs to be dealt with first.

I'm moving this thread to the HijackThis logs forum so that you can get help from someone who is trained to deal with these. Otherwise someone who doesn't know quite what they are doing might tell you to fix something that would make things worse. If after your malware issues are resolved you still have this problem, you can always repost in the XP forum and link to this thread.

I won't have the time for it today but someone will be with you shortly.

The thing about people

is they change

when they walk away.--Mipso


#8 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:05:14 AM

Posted 02 October 2006 - 01:39 PM

* You may want to print out or make a copy of these instructions before starting, because you will not be able to connect to the internet during most of this fix.

* Download smitRem.exe and save the file to your desktop.
Double click on the file to extract it to it's own folder on the desktop.

* First download AVG Anti-Spyware 7.5 from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware 7.5, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware 7.5 and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware 7.5, Do Not run a scan just yet, we will shortly.

* If you do not already have Ad-Aware SE 1.06 installed, follow these download and setup instructions. Also check for updates:
Ad-Aware SE Setup
Again, do NOT run a scan yet.


* Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.
* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Your desktop and icons will disappear and then reappear again --- this is normal.
Wait for the tool to complete and Disk Cleanup to finish --- this may take a while; please be patient.

* Next, run Ad-aware and perform a full scan. Remove everything found.
  • Lauch AVG Anti-Spyware 7.5 by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware 7.5 will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
* Next go to Start -> Control Panel, click Display -> Desktop -> Customize Desktop -> Web -> Uncheck "Security Info" if present.


* Restart your computer in normal mode.

* Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

* Run the Panda online virus scan at http://www.pandasoftware.com/products/activescan.htm

- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

* Finally, restart your computer once more, and please post a new HijackThis log as well as the log from the AVG Anti-Spyware 7.5 scan and the log from the smitRem tool, which will be located at C:\smitfiles.txt.
Let us know if any problems persist.
Greets Jürgenv

Donation: Click me.

#9 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 02 October 2006 - 02:32 PM

Thanks, I'll get right on this!

Phil

#10 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 02 October 2006 - 08:23 PM

Ok, I went through all the steps you listed, and here are the new logs:


Logfile of HijackThis v1.99.1
Scan saved at 6:09:13 PM, on 10/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wltray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.washington.edu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by the University of Washington
O1 - Hosts: 64.237.53.4 ad.doubleclick.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {39A76562-DCFC-F422-D2EB-F00A750AA6CC} - C:\WINDOWS\system32\emyr.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [DadApp] C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [R4z] C:\documents and settings\katie sorg\local settings\temp\R4z.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [PTRGMYGK] rundll32.exe ptmg1v.dll,DllRunMain
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [UWICKCD] D:\AUTORUN\UWICK.EXE D:\AUTORUN
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Katie Sorg\Application Data\eetu.exe
O4 - HKCU\..\Run: [CMS_RSChecker] "C:\Documents and Settings\Katie Sorg\Desktop\RSFAN.exe" -m
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.washington.edu
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tri...Transporter.cab?
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Common Files\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe








---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:21:11 PM 10/2/2006

+ Scan result:



C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP428\A0034210.dll -> Adware.PurityScan : Cleaned.
C:\WINDOWS\SYSTEM32\rvvon.dll -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP413\A0027672.exe -> Downloader.Zlob.aea : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP413\A0027685.exe -> Downloader.Zlob.aea : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027736.exe -> Downloader.Zlob.aea : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027750.exe -> Downloader.Zlob.aea : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP413\A0027671.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP413\A0027684.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027737.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027749.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027770.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027783.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP414\A0027861.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP418\A0028855.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP421\A0028923.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP421\A0029930.dll -> Downloader.Zlob.akz : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP421\A0029931.exe -> Downloader.Zlob.alw : Cleaned.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP428\A0034212.DLL -> Hijacker.Agent.dh : Cleaned.
:mozilla.141:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.143:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.144:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.145:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.146:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.147:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.148:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.149:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.152:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.153:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.155:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.156:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.157:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.158:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.159:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.160:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.162:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.163:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.164:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.165:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.166:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.167:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.168:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.169:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.170:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.171:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.172:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.173:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.174:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.175:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.176:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.177:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.178:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.179:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.180:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.181:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.182:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.183:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.184:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.185:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.186:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.46:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.50:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.51:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.53:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.54:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.56:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.57:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.58:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.59:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.60:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Katie Sorg\Cookies\katie sorg@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.246:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.248:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.250:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.253:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.254:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.255:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.256:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.258:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.259:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.530:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.108:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.109:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.110:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.111:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.112:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.14:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.234:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.31:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.32:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.33:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.277:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.279:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.280:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.281:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.283:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.93:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.94:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.95:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.96:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.97:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.98:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.99:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.562:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.563:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.564:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.565:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.566:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.567:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.568:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.569:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.199:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.200:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.201:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.558:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.559:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.560:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.561:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.70:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.55:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.215:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.217:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.218:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.224:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.535:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.536:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.537:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.226:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.227:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.228:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.229:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.100:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.101:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.103:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.104:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.513:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.514:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.515:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.40:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.492:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.493:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.494:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.495:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.496:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.497:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.238:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.239:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.240:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.241:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.242:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.243:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.113:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.114:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.115:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.457:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.188:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.189:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.190:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.191:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.192:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.193:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.194:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.195:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.196:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.197:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.198:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.548:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.346:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.347:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.348:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.349:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.350:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.351:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.352:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.353:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.354:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.355:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.356:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.357:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.364:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.365:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.366:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.368:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.369:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.370:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.371:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.372:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.373:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.374:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.375:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.376:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.377:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.378:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.379:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.380:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.381:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.382:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.383:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.384:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.385:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.386:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.387:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.388:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.389:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.390:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.391:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.392:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.393:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.394:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.395:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.337:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.527:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.528:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.529:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.276:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.278:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.282:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.264:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.265:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.266:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.267:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.268:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.42:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.43:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.44:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.45:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.52:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Katie Sorg\Cookies\katie sorg@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.208:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.209:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.210:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.211:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.212:C:\Documents and Settings\Katie Sorg\Application Data\Mozilla\Firefox\Profiles\3iylwn6d.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end






smitRem © log file
version 3.2

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
"IE"="6.0000"
The current date is: Mon 10/02/2006
The current time is: 15:07:48.58

Running from
C:\Documents and Settings\Katie Sorg\Desktop\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{4d993022-0899-4599-b4b6-0f887d0802e6}"="considerateness"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d993022-0899-4599-b4b6-0f887d0802e6}\InProcServer32]
@="C:\WINDOWS\system32\oqabf.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Appinitdll check ........ Thank you Grinler!

dumphive.exe ©2000-2004 Markus Stephany
REGEDIT4

[Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!


checking for drsmartload2 key


drsmartload2 key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


~~~ Favorites ~~~



~~~ system32 folder ~~~

amcompat.tlb
nscompat.tlb
logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 780 'explorer.exe'
Killing PID 780 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


~~~~~~

#11 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 02 October 2006 - 08:29 PM

Oops, looks like I got cut off. Here's the rest:



smitRem © log file
version 3.2

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
"IE"="6.0000"
The current date is: Mon 10/02/2006
The current time is: 15:07:48.58

Running from
C:\Documents and Settings\Katie Sorg\Desktop\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{4d993022-0899-4599-b4b6-0f887d0802e6}"="considerateness"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d993022-0899-4599-b4b6-0f887d0802e6}\InProcServer32]
@="C:\WINDOWS\system32\oqabf.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Appinitdll check ........ Thank you Grinler!

dumphive.exe ©2000-2004 Markus Stephany
REGEDIT4

[Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!


checking for drsmartload2 key


drsmartload2 key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


~~~ Favorites ~~~



~~~ system32 folder ~~~

amcompat.tlb
nscompat.tlb
logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 780 'explorer.exe'
Killing PID 780 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright© 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN! :thumbsup:


Thanks! Let me know if there's anything else to be done. My monitor is still dim, but I suspect the back light is just gone since the laptop is 5 and a half years old.

Thanks again,
Phil

#12 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:05:14 AM

Posted 03 October 2006 - 12:36 AM

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 8.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-1_5_0_07-windowsi586-p.exe to install the newest version.


* Go to start > controlpanel > software > add/remove programs and uninstall next if present:

Oin
Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
Cowabanga by OIN
or anything similar with Oin in it.

If OIN not listed, download and run this uninstaller.

* Please open hijackthis and put a check next to the following:

O1 - Hosts: 64.237.53.4 ad.doubleclick.net
O2 - BHO: (no name) - {39A76562-DCFC-F422-D2EB-F00A750AA6CC} - C:\WINDOWS\system32\emyr.dll (file missing)
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [R4z] C:\documents and settings\katie sorg\local settings\temp\R4z.exe
O4 - HKLM\..\Run: [PTRGMYGK] rundll32.exe ptmg1v.dll,DllRunMain
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Katie Sorg\Application Data\eetu.exe
O4 - HKCU\..\Run: [CMS_RSChecker] "C:\Documents and Settings\Katie Sorg\Desktop\RSFAN.exe" -m


* After you check the items you want to fix, close all browsers and windows, except for HijackThis, then click on the Fix Checked button on HijackThis.

* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
  • Back at the main window, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found: Posted Image
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    Posted Image
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply with a new hijackthis log.

Greets Jürgenv

Donation: Click me.

#13 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 04 October 2006 - 12:35 AM

Hi jurgenv,

I ran through these steps, and here are the logs:


Logfile of HijackThis v1.99.1
Scan saved at 10:29:18 PM, on 10/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.washington.edu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by the University of Washington
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [DadApp] C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [UWICKCD] D:\AUTORUN\UWICK.EXE D:\AUTORUN
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.washington.edu
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/retro64_loader.dll
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tri...Transporter.cab?
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/9955/2003...iTunesSetup.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Common Files\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe




Dr Web:

Process.exe;C:\Documents and Settings\Katie Sorg\Desktop\smitRem;Tool.Prockill;Incurable.Moved.;
A0023488.exe;C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP389;Program.mIRC.60;Incurable.Moved.;
A0032005.exe;C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP424;Adware.Minibug;Incurable.Moved.;



Thanks for all your help thus far, let me know if there's anything else to be done!

Phil

#14 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:05:14 AM

Posted 04 October 2006 - 12:42 AM

Looking good, how is everything working? :thumbsup:
Greets Jürgenv

Donation: Click me.

#15 philhead

philhead
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:14 PM

Posted 05 October 2006 - 02:06 AM

Things are working well, everything's running a bit faster and more smoothly. The monitor is still really dim, but it's probably just a bad backlight on an old computer. Thanks for all your help, it really is greatly appreciated! This stuff can really be quite a big problem, as I am sure you know, so it's nice to have someone who knows what they're talking about to help.

Thanks again,

Phil




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users