Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Know I Got Some Kinda Trojan/malware/spyware


  • This topic is locked This topic is locked
12 replies to this topic

#1 xxdawnxx

xxdawnxx

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 04 December 2006 - 06:13 PM

I've been trying to fix it for a week already. I'm desperate. Please someone help me. here's my hijack this log.


Logfile of HijackThis v1.99.1
Scan saved at 7:08:03 AM, on 12/5/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\Com\LSASS.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Rundll32.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\WINLOGON.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe 1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: |?-μ?(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ItMonitor] C:\WINDOWS\WASAY\MONITOR.EXE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\cdnspie.dll",ExecFilter solo
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Torjan Program] C:\WINDOWS\WINLOGON.EXE
O4 - HKLM\..\RunServices: [Torjan Program] C:\WINDOWS\WINLOGON.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\Program Files\Registry Booster\RegistryBooster.exe /S
O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929999484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929935031
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_7us.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - "C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

BC AdBot (Login to Remove)

 


m

#2 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 04 December 2006 - 07:21 PM

Please download SUPERAntiSpyware Home Edition (free version)
  • Install it and double-click the icon on your desktop to run it.
  • It will ask if you want to update the program definitions, click Yes.
  • Under Configuration and Preferences, click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked:
    • Close browsers before scanning
    • Scan for tracking cookies
    • Terminate memory threats before quarantining.
    • Please leave the others unchecked.
    • Click the Close button to leave the control center screen.
  • On the main screen, under Scan for Harmful Software click Scan your computer.
  • On the left check C:\Fixed Drive.
  • On the right, under Complete Scan, choose Perform Complete Scan.
  • Click Next to start the scan. Please be patient while it scans your computer.
  • After the scan is complete a summary box will appear. Click OK.
  • Make sure everything in the white box has a check next to it, then click Next.
  • It will quarantine what it found and if it asks if you want to reboot, click Yes.
  • To retrieve the removal information for me please do the following:
    • After reboot, double-click the SUPERAntispyware icon on your desktop.
    • Click Preferences. Click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • It will open in your default text editor (such as Notepad/Wordpad).
    • Please highlight everything in the notepad, then right-click and choose copy.
  • Click close and close again to exit the program.
  • Please paste that information here for me with a new HijackThis log.

Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#3 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 05 December 2006 - 05:47 AM

Thank Daemon.

So here's my SUPERAntiSpyware Scan Log:

SUPERAntiSpyware Scan Log
Generated 12/05/2006 at 06:00 PM

Application Version : 3.3.1020

Core Rules Database Version : 3142
Trace Rules Database Version: 1158

Scan type : Complete Scan
Total Scan Time : 00:16:50

Memory items scanned : 373
Memory threats detected : 0
Registry items scanned : 6385
Registry threats detected : 8
File items scanned : 3338
File threats detected : 75

Adware.Tracking Cookie
C:\Documents and Settings\Ivy\Cookies\ivy@hurricanedigitalmedia[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@atwola[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[4].txt
C:\Documents and Settings\Ivy\Cookies\ivy@ad.hinet[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@thinkmedia[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@m1.webstats4u[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@windowsmedia[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adopt.specificclick[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@entrepreneur.us.intellitxt[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@thes[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@ads.realtechnetwork[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@image.masterstats[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@itxt.vibrantmedia[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@tacoda[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adknowledge[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@server.cpmstar[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@www.burstbeacon[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@belnk[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adimages.sina.com[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adlegend[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@smileycentral[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@20690[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@rotator.adjuggler[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@bookssl1141185600[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@revenue[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@buddytracker[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@burstnet[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@qnsr[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@635[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@xtracker[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@cz8.clickzs[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@indextools[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@dist.belnk[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@revsci[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@stat.dealtime[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[3].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adopt.hbmediapro[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adinterax[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@server4.web-stat[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@24631554[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@clickability[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@now[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@media101.sitebrand[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@superstats[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@roiservice[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@optimost[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@esl1124794800[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@kanoodle[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@a.websponsors[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@adv.wonderfuland[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@creativeby.viewpoint[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@stats.manticoretechnology[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[7].txt
C:\Documents and Settings\Ivy\Cookies\ivy@mediametrics.mpsa[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[6].txt
C:\Documents and Settings\Ivy\Cookies\ivy@1071905584[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@esl1146567600[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@bookssl1139976000[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@itravelsl1140526800[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@ads.cnn[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@ads.mediaturf[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@hits.clickandtrack[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@ads.writing[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@www.burstnet[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@indiads[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@1072556060[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@esl1140523200[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@www.belstat[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@dealtime[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@pagead[5].txt
C:\Documents and Settings\Ivy\Cookies\ivy@esl1141128000[1].txt
C:\Documents and Settings\Ivy\Cookies\ivy@yadro[2].txt
C:\Documents and Settings\Ivy\Cookies\ivy@itravelsl1146571200[1].txt

Unclassified.Unknown Origin
HKCR\CLSID\{1A404685-7563-4D02-B0F6-58B308A406A9}
HKCR\CLSID\{1A404685-7563-4D02-B0F6-58B308A406A9}\InProcServer32
HKCR\CLSID\{1A404685-7563-4D02-B0F6-58B308A406A9}\InProcServer32#ThreadingModel

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID



and it's the new hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 6:43:33 PM, on 12/5/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Com\LSASS.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: |?-μ?(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ItMonitor] C:\WINDOWS\WASAY\MONITOR.EXE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929999484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929935031
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_7us.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - "C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

#4 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 05 December 2006 - 03:05 PM

Looking better, do one more scan for me. Download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode.
Post the results of the AVG Anti-Spyware report scan together with a new HijackThis log.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#5 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 06 December 2006 - 04:43 AM

ok here's the report from AVG anti-spyware scan

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:26:36 PM 12/6/2006

+ Scan result:



C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : No action taken.
C:\WINDOWS\system32\E13D94A0.DLL -> Backdoor.Agent.ahj : No action taken.
C:\Documents and Settings\Michael\桌面\g0ld.com -> Downloader.Delf.asj : No action taken.
:mozilla.249:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.250:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.251:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.252:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.27:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.370:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@esdlife.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.37:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.83:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.84:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.331:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.477:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.152:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.280:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.281:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.282:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Adserver : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@z1.adserver[1].txt -> TrackingCookie.Adserver : No action taken.
:mozilla.104:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.105:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.106:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.107:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.307:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.308:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.309:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.29:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.490:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.50:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.66:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.93:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.86:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.90:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.92:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : No action taken.
:mozilla.246:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.380:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@www.burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.176:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.263:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@centrport[1].txt -> TrackingCookie.Centrport : No action taken.
:mozilla.272:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.273:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.381:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.382:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.35:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.366:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.36:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.371:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.37:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.51:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.54:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.55:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.56:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@com[2].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@com[2].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Ivy\Cookies\ivy@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.497:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Dbbsrv : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@bleep.com.19522.fb.dbbsrv[2].txt -> TrackingCookie.Dbbsrv : No action taken.
:mozilla.30:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.416:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.53:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.54:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@as-eu.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.177:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.183:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.184:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.218:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.247:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.339:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.340:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.341:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.342:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.343:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.344:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.345:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.429:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.472:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.600:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.623:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.629:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.645:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.88:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.214:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.215:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.216:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.217:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.218:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.41:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.65:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@ehg-citibank.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@ehg-adidas.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@ehg-citibank.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.328:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@linksynergy[1].txt -> TrackingCookie.Linksynergy : No action taken.
:mozilla.492:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.493:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.597:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.602:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.338:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.408:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@image.masterstats[1].txt -> TrackingCookie.Masterstats : No action taken.
:mozilla.268:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.269:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.15:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.16:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.677:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.678:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.679:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.113:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.63:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.72:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@data4.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@overture[2].txt -> TrackingCookie.Overture : No action taken.
:mozilla.135:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.136:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.137:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.138:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.190:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.191:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.192:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.194:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@stats3.porntrack[1].txt -> TrackingCookie.Porntrack : No action taken.
:mozilla.139:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.140:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@questionmarket[1].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.135:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.145:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.213:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.470:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.471:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.141:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.142:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.143:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
:mozilla.144:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.294:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.311:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@sexlist[2].txt -> TrackingCookie.Sexlist : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter14.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter15.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter2.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@counter8.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@counter2.sextracker[1].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
:mozilla.108:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.109:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.359:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.360:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.520:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.665:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.366:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@h.starware[1].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@try.starware[1].txt -> TrackingCookie.Starware : No action taken.
:mozilla.117:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.118:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.119:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.120:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.121:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.61:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.62:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.85:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.108:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.109:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.110:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.166:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.167:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.397:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.398:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.149:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Targetnet : No action taken.
:mozilla.159:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Targetnet : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@targetnet[2].txt -> TrackingCookie.Targetnet : No action taken.
:mozilla.111:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.403:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Coty\Cookies\coty@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Lan\Cookies\lan@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.190:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.202:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.31:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.32:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.494:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.495:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@web-stat[2].txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.377:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.400:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.494:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.37:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Xxxcounter : No action taken.
:mozilla.43:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Xxxcounter : No action taken.
:mozilla.44:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Xxxcounter : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : No action taken.
:mozilla.169:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.428:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.665:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
:mozilla.10:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.13:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.14:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.244:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.245:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.246:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.6:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.8:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.9:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Michael\Cookies\michael@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.229:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.230:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.231:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.33:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.34:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.35:C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.38:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.39:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.40:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.41:C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\Gary\Cookies\gary@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.
C:\Documents and Settings\Coty\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.
C:\Documents and Settings\Gary\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.
C:\Documents and Settings\Ivy\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.
C:\Documents and Settings\Lan\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.
C:\Documents and Settings\Michael\「開始」功能表\程式集\啟動\7C0675.exe -> Trojan.QQRob.is : No action taken.


::Report end





and here's the hijack this log:


Logfile of HijackThis v1.99.1
Scan saved at 5:38:18 PM, on 12/6/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Com\LSASS.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\Com\LSASS.EXE
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: |?-μ?(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ItMonitor] C:\WINDOWS\WASAY\MONITOR.EXE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://www.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929999484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929935031
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_7us.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - "C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe


what's next?

#6 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 06 December 2006 - 02:51 PM

Let me know how it's running now.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#7 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 07 December 2006 - 03:35 AM

my avg anti-virus still tells me I have 3 infections on my computer.
Objects = C:\\WINDOWS\System32\drivers\etc\hosts
result = change
status = change

Objects = C:\Documents and Settings\Michael\??\g0ld.com
result =
status = Deleted

Objects = C:\Documents and Settings\Michael\??\s38sdf.exe
result =
status = Deleted

Objects = C:\Documents and Settings\Lan\???????\???\??\7C0675.exe
result =
status = Deleted

but I can't get rid of those files

it's what I get after hijack this scan... does it look the same as the old one? Does it look like my computer is clean already?

Logfile of HijackThis v1.99.1
Scan saved at 4:30:23 PM, on 12/7/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Com\LSASS.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: |?-μ?(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ItMonitor] C:\WINDOWS\WASAY\MONITOR.EXE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://www.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929999484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929935031
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_7us.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - "C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

#8 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 07 December 2006 - 03:40 AM

my avg anti-virus still tells me I have 3 infections on my computer.
Objects = C:\\WINDOWS\System32\drivers\etc\hosts
result = change
status = change

Objects = C:\Documents and Settings\Michael\??\g0ld.com
result =
status = Deleted

Objects = C:\Documents and Settings\Michael\??\s38sdf.exe
result =
status = Deleted

Objects = C:\Documents and Settings\Lan\???????\???\??\7C0675.exe
result =
status = Deleted

but I can't get rid of those files

it's what I get after hijack this scan... does it look the same as the old one? Does it look like my computer is clean already?

Logfile of HijackThis v1.99.1
Scan saved at 4:30:23 PM, on 12/7/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Com\LSASS.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O3 - Toolbar: |?-μ?(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\zh-tw\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ItMonitor] C:\WINDOWS\WASAY\MONITOR.EXE
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn.hkjc.com/BetSlip/object/HKJCSecKey.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} (PowerPlayer Control) - http://www.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929999484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160929935031
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_7us.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://itv.5qzone.net/pCastCtl_1.0.0.82_20060329.cab
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: AdobePDF - {D92D666A-0F7B-5892-A7E8-29340333F07E} - "C:\Program Files\Internet Explorer\PLUGINS\nppdf.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

what can I do? or I should just format the computer? :-(

#9 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 07 December 2006 - 08:17 AM

Do this for me - click here to run ActiveScan.
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Paste the contents of the Panda scan report.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#10 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 07 December 2006 - 09:19 AM

My good lord! 152 number of spyware found?

it seems to me that it doesn't let me post the whole report in once. Post is still within length. but...don't know why...


i have to post the report in two post. :thumbsup:


Incident Status Location

Virus:Trj/Downloader.KSR Disinfected C:\WINDOWS\SYSTEM32\Com\SERVICES.EXE
Adware:Adware/Alexa Not disinfected C:\WINDOWS\SYSTEM32\Com\LSASS.EXE
Adware:Adware/Alexa Not disinfected C:\WINDOWS\SYSTEM32\60A72DC0.DLL
Virus:Bck/PopWin.L Disinfected C:\WINDOWS\SYSTEM32\E13D94A0.DLL
Adware:Adware/Alexa Not disinfected C:\WINDOWS\SYSTEM32\60A72DC0T.EXE
Adware:Adware/Alexa-Toolbar Not disinfected C:\WINDOWS\SYSTEM32\ALEXA.EXE
Adware:Adware/Alexa Not disinfected C:\WINDOWS\SYSTEM32\60A72DC0.EXE
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ivy\Cookies\ivy@com[1].txt
Spyware:Cookie/seeqA Not disinfected C:\Documents and Settings\Ivy\Cookies\ivy@www.seeq[1].txt
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Ivy\Cookies\ivy@www48.seeq[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Ivy\Cookies\ivy@rn11[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ivy\Cookies\ivy@searchportal.information[1].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[stat.onestat.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.doubleclick.net/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.com.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.statcounter.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.revenue.net/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.searchportal.information.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.revenue.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.atwola.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.yadro.ru/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.casalemedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.ad.yieldmanager.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.burstnet.com/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.www48.seeq.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.server.iad.liveperson.net/hc/24631554]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.adopt.hbmediapro.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.dist.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\cc1vyof3.default\COOKIES.TXT[.dist.belnk.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.com.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.zedo.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.doubleclick.net/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.advertising.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.tribalfusion.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.overture.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.ads.pointroll.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.questionmarket.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.atwola.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.belnk.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.burstnet.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.go.com/]
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.hotlog.ru/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.realmedia.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.revenue.net/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.searchportal.information.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.server.iad.liveperson.net/hc/24631554]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.toplist.cz/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.www48.seeq.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[.yadro.ru/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Ivy\Application Data\Mozilla\Firefox\Profiles\rmyjcp2k.default\COOKIES.TXT[stat.onestat.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@doubleclick[1].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@revenue[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Gary\Local Settings\Temp\Cookies\gary@ad.yieldmanager[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Gary\Cookies\gary@cgi-bin[1].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Gary\Cookies\gary@maxserving[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary\Cookies\gary@dist.belnk[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary\Cookies\gary@belnk[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Gary\Cookies\gary@atdmt[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Gary\Cookies\gary@realmedia[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Gary\Cookies\gary@yadro[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Gary\Cookies\gary@doubleclick[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter14.sextracker[2].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Gary\Cookies\gary@tucows[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter16.sextracker[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Gary\Cookies\gary@zedo[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Gary\Cookies\gary@com[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Gary\Cookies\gary@spywarestormer[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Gary\Cookies\gary@z1.adserver[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter13.sextracker[1].txt
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Gary\Cookies\gary@cs.sexcounter[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Gary\Cookies\gary@mediaplex[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Gary\Cookies\gary@casalemedia[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter2.sextracker[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Gary\Cookies\gary@ehg-dig.hitbox[2].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Gary\Cookies\gary@kinghost[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Gary\Cookies\gary@ads.pointroll[2].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Gary\Cookies\gary@bravenet[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Gary\Cookies\gary@cgi-bin[6].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Gary\Cookies\gary@targetnet[2].txt
Spyware:Cookie/Netster Not disinfected C:\Documents and Settings\Gary\Cookies\gary@lb1.netster[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Gary\Cookies\gary@bluestreak[1].txt
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Gary\Cookies\gary@xxxcounter[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter15.sextracker[2].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Gary\Cookies\gary@citi.bridgetrack[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Gary\Cookies\gary@hitbox[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Gary\Cookies\gary@888[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Gary\Cookies\gary@cassava[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Gary\Cookies\gary@atwola[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Gary\Cookies\gary@counter8.sextracker[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Gary\Cookies\gary@adopt.hbmediapro[2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Gary\Cookies\gary@revenue[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Gary\Cookies\gary@questionmarket[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Gary\Cookies\gary@searchportal.information[2].txt
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Gary\Cookies\gary@landing.domainsponsor[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Gary\Cookies\gary@fastclick[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary\Cookies\gary@adrevolver[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary\Cookies\gary@adrevolver[1].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Gary\Cookies\gary@fortunecity[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Gary\Cookies\gary@advertising[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Gary\Cookies\gary@media.fastclick[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Gary\Cookies\gary@tribalfusion[2].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Gary\Cookies\gary@linksynergy[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Gary\Cookies\gary@2o7[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Gary\Cookies\gary@burstnet[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Gary\Cookies\gary@serving-sys[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Gary\Cookies\gary@statcounter[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Gary\Cookies\gary@statse.webtrendslive[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Gary\Cookies\gary@overture[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Gary\Cookies\gary@ad.yieldmanager[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[ad.yieldmanager.com/]
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.xxxcounter.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.hitbox.com/]
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.xxxcounter.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.statcounter.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.overture.com/]
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.citi.bridgetrack.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.bluestreak.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.statcounter.com/]
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.targetnet.com/]
Spyware:Cookie/Netster Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.lb1.netster.com/]
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.targetnet.com/]
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.kinghost.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.fastclick.net/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.bravenet.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.ads.pointroll.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.adultfriendfinder.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.atwola.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.revenue.net/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.ehg-dig.hitbox.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.zedo.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.2o7.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.casalemedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.mediaplex.com/]
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.z1.adserver.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.cs.sexcounter.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.advertising.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.cs.sexcounter.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.searchportal.information.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.com.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.landing.domainsponsor.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.statse.webtrendslive.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.statse.webtrendslive.com/dcs3c1crfqljwp9214t38aj3q_9q3q]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.tribalfusion.com/]
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.tucows.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.doubleclick.net/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.yadro.ru/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.maxserving.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.statse.webtrendslive.com/dcsqp2wy611e5hibqykurvsnu_2p1b]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.realmedia.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\wovz3i1q.default\COOKIES.TXT[.belnk.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\COOKIES.TXT[.zedo.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\COOKIES.TXT[.2o7.net/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\COOKIES.TXT[.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\joiybm5d.default\COOKIES.TXT[.com.com/]

Edited by xxdawnxx, 07 December 2006 - 09:31 AM.


#11 xxdawnxx

xxdawnxx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 07 December 2006 - 09:31 AM

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Coty\Cookies\coty@doubleclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Coty\Cookies\coty@mediaplex[1].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Coty\Cookies\coty@revenue[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Coty\Cookies\coty@realmedia[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Coty\Cookies\coty@casalemedia[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Coty\Cookies\coty@com[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Coty\Cookies\coty@hitbox[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Coty\Cookies\coty@tribalfusion[2].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Coty\Cookies\coty@spywarestormer[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Coty\Cookies\coty@advertising[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Coty\Cookies\coty@servedby.advertising[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Coty\Cookies\coty@ads.pointroll[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Coty\Cookies\coty@centrport[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Coty\Cookies\coty@searchportal.information[1].txt
Virus:Trj/Downloader.KTL Disinfected C:\Documents and Settings\Michael\桌面\G0LD.COM
Virus:Bck/PopWin.H Disinfected C:\Documents and Settings\Michael\桌面\S38SDF.EXE
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Michael\Cookies\michael@cs.sexcounter[2].txt
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Michael\Cookies\michael@webpower[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Michael\Cookies\michael@doubleclick[1].txt
Spyware:Cookie/XXXCounter Not disinfected C:\Documents and Settings\Michael\Cookies\michael@xxxcounter[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Michael\Cookies\michael@atdmt[2].txt
Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\Michael\Cookies\michael@c.fsx[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Michael\Cookies\michael@counter2.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Michael\Cookies\michael@counter1.sextracker[1].txt
Spyware:Cookie/Qsrch Not disinfected C:\Documents and Settings\Michael\Cookies\michael@qsrch[1].txt
Spyware:Cookie/TeensForCash Not disinfected C:\Documents and Settings\Michael\Cookies\michael@teensforcash[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Michael\Cookies\michael@statcounter[1].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\Michael\Cookies\michael@kinghost[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Michael\Cookies\michael@tribalfusion[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ccbill[1].txt
Spyware:Cookie/SexList Not disinfected C:\Documents and Settings\Michael\Cookies\michael@sexlist[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Michael\Cookies\michael@casalemedia[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Michael\Cookies\michael@overture[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Michael\Cookies\michael@2o7[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Michael\Cookies\michael@questionmarket[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Michael\Cookies\michael@fastclick[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Michael\Cookies\michael@ads.pointroll[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Michael\Cookies\michael@atwola[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Michael\Cookies\michael@as-eu.falkag[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Michael\Cookies\michael@mediaplex[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Michael\Cookies\michael@serving-sys[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Michael\Cookies\michael@sel.as-eu.falkag[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Michael\Cookies\michael@bs.serving-sys[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Michael\Cookies\michael@sextracker[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Michael\Cookies\michael@counter13.sextracker[1].txt
Virus:Trj/QQPass.LJ Disinfected C:\Documents and Settings\Lan\「開始」功能表\程式集\啟動\7C0675.EXE
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lan\Cookies\lan@advertising[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Lan\Cookies\lan@2o7[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lan\Cookies\lan@doubleclick[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lan\Cookies\lan@servedby.advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Lan\Cookies\lan@atdmt[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Lan\Cookies\lan@perf.overture[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Lan\Cookies\lan@com[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Lan\Cookies\lan@tribalfusion[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Lan\Cookies\lan@ads.pointroll[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Lan\Cookies\lan@casalemedia[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Lan\Cookies\lan@questionmarket[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Lan\Cookies\lan@atwola[1].txt
Hacktool:HackTool/EvID Not disinfected C:\Program Files\PPLive TV\SynaLiveSetup.exe[EvID4226Patch.exe]
Possible Virus. Not disinfected C:\Program Files\eRightSoft\SUPER\FFMPEG.EXE

#12 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 08 December 2006 - 10:45 AM

Mostly cookies. Do this for me then post a new PandaScan log. Click here to download System Security Suite. Extract it from the zip file into a folder and doubleclick on sss.exe. Check the boxes under the 'Items to Clear' tab and click 'Clear Selected Items'. You will be prompted to reboot, do so. Repeat for all log-in accounts on your computer.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

#13 Daemon

Daemon

    Security Expert


  • Members
  • 1,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:56 AM

Posted 13 December 2006 - 06:08 PM

Due to inactivity this topic will be closed.

If you need this topic reopened, please email the moderating team - be sure to include the address of the thread and the name you posted under.
Posted Image

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users