
Hijack This And Popups/virus Problems Urgent Help Required.


  • This topic is locked
16 replies to this topic

#1 t3rm3y

t3rm3y

  • Members
  • 9 posts

Posted 20 February 2007 - 09:45 AM

I have just started getting major headaches with the PC now, getting popup windows to eBay fishing tackle???, PEdevice, and blank web windows.

I have run sd bot, Ad-Aware, a virus scanner, and Trend Micro. Trend seemed to fail, so I don't know what happened there; it found loads of malware, grayware, trojans and stuff, but when I clicked clean up it stopped on b104.exe and didn't do anything for ages, so I clicked again and the window closed.

I have read this page: http://www.bleepingcomputer.com/forums/t/67728/winantivirus-and-other-pop-ups-kaspersky-found-8-viruses-and-18-infected-objects/
and followed the hijack instructions given, as it sounds like a similar problem. I have also got a few of the programmes mentioned. Here is my hijack log; please, please help me, I'm close to the verge of smashing the PC :thumbsup:

log:
Logfile of HijackThis v1.99.1
Scan saved at 14:32:04, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFserv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\system32\GSICON.EXE
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Documents and Settings\Trevor\Desktop\HijackThis\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll (file missing)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: (no name) - {388A612C-B411-0FB2-D350-64550DA7261C} - C:\WINDOWS\System32\fyfwn.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O2 - BHO: (no name) - {C5B26DB5-BAE7-4764-B4D6-3A9FABAADC5B} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\vjpaxglp.dll
O2 - BHO: (no name) - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - (no file)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Go!Zilla dial-up fix] "C:\Program Files\GoZilla\Go.exe" /FIXRAS
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TQ566808] "D:\Setup.exe"
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\dqnowybh.dll",setvm
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095273600720
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - https://www.telewest.co.uk/motive/files/MotivePreQual.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E73B31AC-0C59-4EEE-A7E1-ECA86C4E9BB9}: NameServer = 194.74.65.69 194.72.9.34
O20 - Winlogon Notify: iifca - C:\WINDOWS\
O20 - Winlogon Notify: opnkhif - C:\WINDOWS\
O20 - Winlogon Notify: winpfq32 - C:\WINDOWS\
O23 - Service: LXCFCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCFserv.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe



#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 20 February 2007 - 11:54 AM

Welcome to BC t3rm3y :thumbsup:

Download Avenger from the link below:
http://swandog46.geekstogo.com/avenger.zip
Unzip/extract it to your desktop.

Start up Avenger.
Check the 'Input script manually' option.
Click the Magnifying Glass icon.
In the box that opens, copy and paste ALL the following bold blue text:

Files to delete:
C:\WINDOWS\System32\fyfwn.dll
C:\WINDOWS\system32\vjpaxglp.dll


Then click on 'Done'.
Click the Traffic Light icon to start the program.
Then press OK at the prompts to reboot your PC.

Post the Avenger output.txt, which you can find at C:\Avenger\.txt when you've done.
Also post a new Hijackthis log please.

#3 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts

Posted 20 February 2007 - 12:26 PM

Hi, thank you for help.

I have also run AVG Anti-Spyware.
Deleted all the found files. Here is the log of that, and I'll run the file you mentioned and post that log and the new hijack log.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 17:03:41 20/02/2007

+ Scan result:



HKLM\SOFTWARE\180solutions -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\msbb -> Adware.180Solutions : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\msbb -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\twaintec -> Adware.BetterInternet : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077038.exe -> Adware.CommAd : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077045.dll -> Adware.CommAd : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078053.dll -> Adware.Delfin : No action taken.
HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : No action taken.
C:\Program Files\Common Files\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077042.exe -> Adware.DelphinMediaViewer : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078050.exe -> Adware.DelphinMediaViewer : No action taken.
C:\WINDOWS\system32\nfomon\nfo.ocx -> Adware.DelphinMediaViewer : No action taken.
C:\WINDOWS\system32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : No action taken.
C:\sysreset\for everyone\Games\Dope Wars 2.2 Setup.exe -> Adware.Gator : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1412445-4FF8-410e-8D24-F2CF86B171A4} -> Adware.Generic : No action taken.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : No action taken.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1412445-4FF8-410E-8D24-F2CF86B171A4} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\Avenue Media -> Adware.InternetOptimizer : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\Policies\Avenue Media -> Adware.InternetOptimizer : No action taken.
C:\Program Files\Ipwindows\ipwins.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Ipwindows\ipwins.exe -> Adware.Maxifiles : No action taken.
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj -> Adware.MoneyTree : No action taken.
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj.1 -> Adware.MoneyTree : No action taken.
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CLSID -> Adware.MoneyTree : No action taken.
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CurVer -> Adware.MoneyTree : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078042.exe -> Adware.NewDotNet : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078043.exe -> Adware.NewDotNet : No action taken.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\PowerScan -> Adware.PowerScan : No action taken.
HKU\S-1-5-21-2000478354-436374069-854245398-1003\Software\PowerScan -> Adware.PowerScan : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0076032.exe -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0076042.exe -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077012.dll -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077013.exe -> Adware.PurityScan : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077015.dll -> Adware.PurityScan : No action taken.
HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : No action taken.
C:\Program Files\SideFind -> Adware.SideFind : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077043.dll -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper.1 -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CurVer -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder.1 -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Classes\SideFind.Finder\CurVer -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\Microsoft\SideFind -> Adware.SideFind : No action taken.
HKLM\SOFTWARE\SideFind -> Adware.SideFind : No action taken.
C:\Program Files\Common Files\{B0F471DA-0415-1033-0429-020109140001}\system.dll -> Adware.Softomate : No action taken.
C:\Program Files\Common Files\{B0F471DA-0415-1033-0429-02010914002c}\system.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077040.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077041.exe -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP638\A0076021.exe -> Adware.ValueAd : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078051.dll -> Adware.Virtumonde : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0076044.exe -> Downloader.Agent.ae : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0077039.exe -> Downloader.Agent.bca : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0076039.exe -> Downloader.PurityScan.dc : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP638\A0076020.exe -> Downloader.PurityScan.dt : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078044.exe -> Downloader.PurityScan.i : No action taken.
C:\WINDOWS\system32\fyfwn.dll -> Downloader.PurityScan.i : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078049.exe -> Downloader.Tiny.fk : No action taken.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078045.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : No action taken.
C:\Program Files\Custom Technology\Cinema Craft Encoder SP\Cinema_Craft_Encoder_2_50_SP_CRC_Patch.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
C:\Program Files\Custom Technology\Cinema Craft Encoder SP\crcpatch2.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
C:\Program Files\WinRAR\tsrh-wrar30.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : No action taken.
:mozilla.704:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.151:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.153:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.156:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.158:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.159:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.160:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.161:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.162:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.163:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.164:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.165:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.166:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.195:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.216:C:\Documents and Settings\Trevor\Application Data\Phoenix\Profiles\default\wvce8pe8.slt\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.64:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.65:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.66:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.67:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.68:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.70:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.71:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.726:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.72:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.73:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.74:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.75:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.76:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.77:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.78:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.79:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.80:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.81:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.82:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.83:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.84:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.85:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.86:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.87:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.88:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.89:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.90:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.916:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.91:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.92:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.93:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.94:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.95:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.305:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Admarketplace : No action taken.
:mozilla.306:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Admarketplace : No action taken.
:mozilla.527:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.528:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.529:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.530:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.533:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.767:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.768:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.769:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adserver : No action taken.
:mozilla.424:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.426:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.113:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.114:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.115:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.116:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies-1.txt -> TrackingCookie.Advertising : No action taken.

#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 20 February 2007 - 12:33 PM

Please follow my instructions and don't go off doing your own thing.
You haven't run AVG Anti Spyware correctly anyway, this is just confusing the issue at hand.

Post the Avenger output.txt, which you can find at C:\Avenger\.txt when you've done.
Also post a new HijackThis log please.

#5 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts

Posted 20 February 2007 - 12:50 PM

log file of avenger
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\frpsbxgl

*******************

Script file located at: \??\C:\Documents and Settings\fgrbafdn.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\System32\fyfwn.dll not found!
Deletion of file C:\WINDOWS\System32\fyfwn.dll failed!

Could not process line:
C:\WINDOWS\System32\fyfwn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vjpaxglp.dll deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 17:47:44, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFserv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\system32\GSICON.EXE
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee.com\Agent\McDash.exe
c:\program files\mcafee.com\shared\mghtml.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Documents and Settings\Trevor\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll (file missing)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: (no name) - {388A612C-B411-0FB2-D350-64550DA7261C} - C:\WINDOWS\System32\fyfwn.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O2 - BHO: (no name) - {C5B26DB5-BAE7-4764-B4D6-3A9FABAADC5B} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\vjpaxglp.dll (file missing)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [Go!Zilla dial-up fix] "C:\Program Files\GoZilla\Go.exe" /FIXRAS
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TQ566808] "D:\Setup.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095273600720
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - https://www.telewest.co.uk/motive/files/MotivePreQual.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E73B31AC-0C59-4EEE-A7E1-ECA86C4E9BB9}: NameServer = 194.74.65.69 194.72.9.34
O20 - Winlogon Notify: iifca - C:\WINDOWS\
O20 - Winlogon Notify: opnkhif - C:\WINDOWS\
O20 - Winlogon Notify: winpfq32 - C:\WINDOWS\
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LXCFCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCFserv.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Did Avenger work right? It looks like it went wrong?

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 20 February 2007 - 01:01 PM

Please follow these instructions carefully.

Launch/start up AVG Anti-Spyware.
On the main page click the 'Update' tab, and then 'Start Update'.
Once the updates have been installed, do the following:
Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab.
Once in the 'Settings' screen, under 'How to act?', then under 'Set default action for detected malware to:', click on 'Recommended actions', then click on 'Quarantine'.
Under 'Reports' select 'Automatically generate report after every scan' and unselect 'Only if threats were found'.
Exit AVG Anti-Spyware, don't run the scan just yet.

You might want to print/copy the following as you need to be in Safe Mode from here on.

Reboot your computer into "SAFE MODE" using the F8 method.
To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:

O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll (file missing)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: (no name) - {26379168-EB2F-4FFE-882D-80450328D62A} - (no file)
O2 - BHO: (no name) - {388A612C-B411-0FB2-D350-64550DA7261C} - C:\WINDOWS\System32\fyfwn.dll (file missing)
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O2 - BHO: (no name) - {C5B26DB5-BAE7-4764-B4D6-3A9FABAADC5B} - (no file)
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\system32\vjpaxglp.dll (file missing)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O20 - Winlogon Notify: iifca - C:\WINDOWS\
O20 - Winlogon Notify: opnkhif - C:\WINDOWS\
O20 - Winlogon Notify: winpfq32 - C:\WINDOWS\


Still in Safe Mode launch AVG Anti-Spyware.
Click the 'Scanner' icon at the top.
To start the scan click on 'Complete System Scan'.
Please be patient, it takes a while for the scan to finish.

Once the scan is complete, do the following.
If AVG Anti-Spyware detected any infected objects, click on 'Apply All Actions'.
Next click on 'Save Report'.
Copy and paste that report into your next reply.
The report can be found under the 'Reports' tab at the top.
Close AVG Anti-Spyware when you've done.
Reboot normally.

Post the AVG Anti Spyware report and a new Hijackthis log into your next reply please.
Let me know how your pc is running now.

#7 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts

Posted 20 February 2007 - 01:32 PM

ok, bear with me, this one may take a while until the reply.

#8 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 20 February 2007 - 01:35 PM

Take your time, there's no rush :thumbsup:

#9 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 20 February 2007 - 03:30 PM

here is the new hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 20:31:22, on 20/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFserv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\system32\GSICON.EXE
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
C:\WINDOWS\System32\svchost.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee.com\agent\McDash.exe
c:\program files\mcafee.com\shared\mghtml.exe
C:\Documents and Settings\Trevor\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customi...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [Go!Zilla dial-up fix] "C:\Program Files\GoZilla\Go.exe" /FIXRAS
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TQ566808] "D:\Setup.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095273600720
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - https://www.telewest.co.uk/motive/files/MotivePreQual.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E73B31AC-0C59-4EEE-A7E1-ECA86C4E9BB9}: NameServer = 194.74.65.69 194.72.9.34
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LXCFCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCFserv.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

(Style XP has lost the reg key, so doesn't work now, may uninstall that)

and the log for AVG:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 02:24:21 29/04/2002

+ Scan result:



C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078110.exe -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078111.ocx -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078112.dll -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078117.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078115.dll -> Adware.Maxifiles : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078116.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078113.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078114.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078109.dll -> Downloader.PurityScan.i : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078118.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078119.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078120.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
:mozilla.79:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.80:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.81:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.82:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.83:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.10:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.9:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.21:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.23:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.26:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.27:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.55:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.56:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.57:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.58:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.59:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.60:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.100:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.22:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.37:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.39:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.41:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.42:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.43:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.44:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.53:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.54:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.45:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.46:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.47:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.48:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.49:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.108:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.109:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.110:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.111:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.112:C:\Documents and Settings\Trevor\Application Data\Mozilla\Firefox\Profiles\default.2x4\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078105.exe -> Trojan.Agent.qt : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078106.vbs -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078107.exe -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{84D83221-1912-487D-85D3-759019BC6C1D}\RP639\A0078108.vbs -> Trojan.Small : Cleaned with backup (quarantined).


::Report end

(The clock got messed up and that's why dodgy date on it.)
Also, the files were set to quarantine, but some cookies had delete beside them, and didn't change. Is that normal or correct?

Edited by t3rm3y, 20 February 2007 - 03:31 PM.
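
An added example, not part of the original thread or of HijackThis itself: the entries chosen for fixing in post #6 are the O2, O9 and O20 lines marked "(file missing)" or "(no file)", or, for O20, showing no DLL name, and the log in post #9 no longer lists them. The Python sketch below automates that before/after check on a constructed excerpt of the two logs; the function names and the decision to send other sections (such as the O23 Prevx line, which was not in the fix list) to manual review are assumptions.

```python
import re

# Constructed excerpts: a handful of lines copied from the two HijackThis
# logs in this thread (post #5 = before the fix, post #9 = after the fix).
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {388A612C-B411-0FB2-D350-64550DA7261C} - C:\WINDOWS\System32\fyfwn.dll (file missing)
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O20 - Winlogon Notify: iifca - C:\WINDOWS\
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
"""

AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
"""

# A HijackThis entry line is "<section code> - <rest>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# Assumption: only the sections the fix list in post #6 drew from are
# treated as fix candidates; anything else orphaned goes to manual review.
FIX_SECTIONS = {"O2", "O9", "O20"}


def parse_entries(log_text):
    """Return (section_code, body) for every entry line; skip headers,
    the running-process list and blank lines."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def is_orphaned(code, body):
    """True when the entry points at a file that is not there."""
    if body.endswith(("(file missing)", "(no file)")):
        return True
    # O20 Winlogon Notify lines in this thread end in a bare directory.
    return code == "O20" and body.endswith("\\")


def triage(log_text):
    """Split orphaned entries into (fix_candidates, manual_review)."""
    fix, review = [], []
    for code, body in parse_entries(log_text):
        if is_orphaned(code, body):
            target = fix if code in FIX_SECTIONS else review
            target.append(f"{code} - {body}")
    return fix, review


def still_present(before_text, after_text):
    """Fix candidates from the first log that the second log still lists."""
    after = {f"{c} - {b}" for c, b in parse_entries(after_text)}
    fix, _ = triage(before_text)
    return [entry for entry in fix if entry in after]


if __name__ == "__main__":
    fix, review = triage(BEFORE)
    print("Fix candidates:", *fix, sep="\n  ")
    print("Review by hand:", *review, sep="\n  ")
    print("Survived the fix:", still_present(BEFORE, AFTER) or "none")
```

An orphaned entry is a leftover registry reference, so an empty "survived" list confirms the cleanup step took effect; it does not by itself show the machine is clean.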


#10 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts

Posted 20 February 2007 - 03:53 PM

You should seriously consider uninstalling GoZilla, it's classed as Advertising spyware.
You might want to read up on GoZilla here:
http://www3.ca.com/securityadvisor/pest/pe...px?id=453073194

*****************************

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = http://1-se.com/srchasst.html (obfuscated)
Exit Hijackthis.

*****************************

Other than the above your log is clean :thumbsup:
If all's ok, please do the following:

Clear your 'System Restore' points by doing the following:
Right-click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Select 'Turn Off System Restore On All Drives'.
Select 'Apply'.
You will then get the following warning:
"You have chosen to turn off System Restore.
If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer.
Do you want to turn off System Restore?".
Then select 'Yes', your 'System Restore' directories will be purged.

Turn 'System Restore' back on:
Right click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Unselect 'Turn Off System Restore On All Drives'.
Select 'Apply', then click 'Ok'.

Create a new 'System Restore' point:
Click on Start/All Programs/Accessories/System Tools/System Restore.
In the 'System Restore' window, click 'Create a Restore Point' button, then click 'Next'.
In the window that appears, enter a description, then click on 'Create', then click 'Close'.
The date and time is created automatically.

You should now go to Windows Update and install any available critical/high priority updates.

Read through the info found here, to help you prevent any possible future infections.
How did I get infected?
http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/

Please Note:
Your version of Sun Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Sun Java, and then update.
1. Download the latest version of Java Runtime Environment (JRE)
2. Scroll down to where it says 'Java Runtime Environment (JRE) 6.0'.
3. Click the "Download" button to the right.
4. Check the box that says: "Accept License Agreement".
5. The page will refresh.
6. Click on the link to download 'Windows Offline Installation, Multi-language' and save to your desktop.
7. Close any programs you may have running - especially your web browser.
8. Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
10. Click the Change/Remove button.
11. Repeat as many times as necessary to remove each Java version.
12. Reboot your computer once all Java components are removed.
13. Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.

#11 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 20 February 2007 - 04:56 PM

Thank you tons. Do you know of a programme better than GoZilla? Or is that against the rules? I need something that can pause and resume downloads, for large files for work.
I have done the restore points and am getting the new Java.
Thanks again for the help.

I'm deleting the Javas. Do I need to remove the J2SE Runtime Environment 5.0 Update 6 file?

Edited by t3rm3y, 20 February 2007 - 05:03 PM.


#12 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 20 February 2007 - 05:01 PM

There you go:
Download Managers:
http://www.spywareinfo.com/downloads.php?cat=dlman#dlman
:thumbsup:

#13 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 20 February 2007 - 05:27 PM

Then do the following, I thought I had already asked you to run VundoFix, but obviously I didn't, no harm done.

Please download VundoFix.exe to your desktop.
Double-click VundoFix.exe to run it.
When VundoFix re-opens, click the "Scan for Vundo" button.
Once it's done scanning, click the "Remove Vundo" button.
You will receive a prompt asking if you want to remove the files, click "YES".
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click "OK".
Please post the contents of C:\vundofix.txt into your next reply.

Note:
It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

#14 t3rm3y

t3rm3y
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:51 AM

Posted 22 February 2007 - 03:27 PM

VundoFix V6.3.9

Checking Java version...

Java version is 1.5.0.6

Scan started at 18:58:30 22/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\aqgcaanx.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\aqgcaanx.dll
C:\WINDOWS\system32\aqgcaanx.dll Has been deleted!

Performing Repairs to the registry.
Done!


Also, do I need to remove that J2SE file from the Add/Remove programmes bit? Is it a Java thing?

#15 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 22 February 2007 - 04:35 PM

Reboot, post one more HijackThis log please.