Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log Posted...help Needed


  • This topic is locked This topic is locked
14 replies to this topic

#1 Filmboy

Filmboy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 20 March 2007 - 10:20 AM

Can someone please help. I'm running Windows XP and am a regular Netscape user. I do on occasion use IE, and I'm recently getting the following dialog box:

"Program has encountered a problem and needs to close. We are sorry for the inconvenience."

This is now happening when I attempt not only to run IE, but also some offline programs (thus preventing me from opening the program at all).

Additionally, upon restart, a dialog box opens stating:

"There is a file or folder on your computer called "C:\Program" which could cause certain applications not to function correctly. Renaming it to "C:\Program1" would solve this problem. Would you like to rename it now?"
There are then two options: Rename & Ignore. I click neither and just close the box.

I've updated the definitions and run Adaware. It found (and deleted) 33 critical objects, but to no avail.

Here is my HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 11:06:53 AM, on 3/20/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\msconfig.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Michael Long\Desktop\New Folder\hijackthis\search.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pennyflix.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {11E5FB32-38F5-4F55-A74F-68E34CE8A992} -

C:\WINDOWS\System32\lrlmszb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program

Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: OIN Search - {B9F6E8EB-A4E3-478E-88A4-D3995B5C45C8} - C:\Program Files\OIN

Search\OINSearch.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control

Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common

Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Tray] C:\Documents and Settings\Michael Long\Desktop\Games

(1).exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [{F0346802-0AE9-1033-0626-030325030001}] "C:\Program Files\Common

Files\{F0346802-0AE9-1033-0626-030325030001}\Update.exe" te-110-12-0000213
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Iinl] "C:\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\msconfig.exe" -vt yazr
O4 - HKCU\..\Run: [Zyndjbk] C:\Program Files\Common Files\S?mantec\?vchost.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe"

--force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD

Monitor.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga

Pocket\ReserveModule.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program

Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} -

C:\Program Files\UltimateBet\UltimateBet.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -

http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation -

C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\System32\svchosts.exe" -e

te-110-12-0000213 (file missing)
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program

Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation -

C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation -

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner

- %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file

missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -

C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation -

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga

Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga

Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -

C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown

owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe"

/Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server

(file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) -

Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony

Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony

Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony

Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) -

Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony

Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file

missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony

Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown

owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe"

/Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server

(file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) -

Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony

Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file

missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony

Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media

Platform\UPnPFramework.exe

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 20 March 2007 - 07:11 PM

Welcome to the BleepingComputer HijackThis forum Filmboy :thumbsup:

Please download Combofix and save to the desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
Note:
It is important that it is saved directly to your desktop

Close any open browsers.
Double click on combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window whilst it's running.
That may cause the program to freeze/hang.


********************************

The current formatting of your log makes it difficult to read/evaluate.
Open 'Notepad',click on 'Format' at the top,then uncheck 'Word Wrap' if it's checked.
Restart your pc,post the C:\ComboFix.txt and a new Hijackthis log into your next reply.
Posted Image
Posted Image

#3 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 20 March 2007 - 08:48 PM

Thank you and sorry for the Word Wrap thing, it should be fixed now.

Here is my C:\ComboFix.txt file:

"Michael Long" - 07-03-20 21:32:39 Service Pack 1
ComboFix 07-03-20.2 - Running from: "C:\Documents and Settings\Michael Long\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\cowabanga\License.txt
C:\Program Files\oin search\OINSearch.dll
C:\Program Files\oin search\Uninstall.exe
C:\Program Files\outerinfo\OiUninstaller.exe
C:\Program Files\outerinfo\outerinfo.ico
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\Common Files\y1123ou.exe
C:\WINDOWS\system32\unsvchosts.exe
C:\WINDOWS\system32\unsvchosts.lzma
C:\WINDOWS\system32\drivers\npf.sys
C:\Program Files\Common Files\{30346~1
C:\Program Files\Common Files\{F0346~1
C:\Program Files\cowabanga
C:\Program Files\inetget2
C:\Program Files\oin search
C:\Program Files\outerinfo
C:\WINDOWS\system32\components
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\DOCUME~1
C:\qoobox\purity\DOCUME~1\MICHAE~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\from.txt
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\MBOLS~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\SSTEM3~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\APPATC~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\msconfig.exe
C:\qoobox\purity\Program Files\Common Files\APPATC~1
C:\qoobox\purity\Program Files\Common Files\CURITY~1
C:\qoobox\purity\Program Files\Common Files\FNTS~1
C:\qoobox\purity\Program Files\Common Files\RACLE~1
C:\qoobox\purity\Program Files\Common Files\SMANTE~1
C:\qoobox\purity\Program Files\Common Files\SSTEM~1
C:\qoobox\purity\WINDOWS\ECURIT~1
C:\qoobox\purity\WINDOWS\FNTS~1
C:\qoobox\purity\WINDOWS\system32\YSTEM3~1


((((((((((((((((((((((((((((((( Files Created from 2007-02-20 to 2007-03-20 ))))))))))))))))))))))))))))))))))


2007-03-20 10:31 60,928 --a------ C:\WINDOWS\system32\lrlmszb.dll
2007-03-14 23:08 2 --a------ C:\WINDOWS\system32\wnstsisv.exe
2007-02-21 11:26 <DIR> d-------- C:\Program Files\Western Digital


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-03-20 18:00 -------- d-------- C:\Program Files\pokerstars
2007-03-20 17:54 -------- d-------- C:\Program Files\full tilt poker
2007-03-20 10:31 2 --a------ C:\WINDOWS\system32\wnstsisv.exe
2007-03-20 09:59 12300 --a--c--- C:\WINDOWS\mozver.dat
2007-03-19 13:30 60928 --a------ C:\WINDOWS\system32\lrlmszb.dll
2007-03-08 22:01 -------- d-------- C:\Program Files\ultimatebet
2007-02-22 14:00 2 --a------ C:\WINDOWS\system32\wnstssv.exe
2007-02-21 11:26 -------- d--h----- C:\Program Files\installshield installation information
2007-02-21 11:26 -------- d-------- C:\Program Files\western digital
2007-02-04 00:09 -------- d-------- C:\Program Files\moodlogic


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MoneyAgent"="\"C:\\Program Files\\Microsoft Money\\System\\mnyexpr.exe\""
"Iinl"="\"C:\\DOCUME~1\\MICHAE~1\\MYDOCU~1\\APPATC~1\\msconfig.exe\" -vt yazr"
"Zyndjbk"="C:\\Program Files\\Common Files\\S?mantec\\?vchost.exe"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"ATIModeChange"="Ati2mdxx.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"ezShieldProtector for Px"="C:\\WINDOWS\\System32\\ezSP_Px.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"VAIO Recovery"="C:\\Windows\\Sonysys\\VAIO Recovery\\PartSeal.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb06.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"Advanced Tools Check"="C:\\PROGRA~1\\NORTON~1\\AdvTools\\ADVCHK.EXE"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"Microsoft Tray"="C:\\Documents and Settings\\Michael Long\\Desktop\\Games (1).exe"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\
6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,75,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{A4F94C0C-54A7-4DB1-9AF3-B22E63D00322}"="g322"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-20 21:34:02



My new Hijackthis log:


Logfile of HijackThis v1.99.1
Scan saved at 9:42:51 PM, on 3/20/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Michael Long\Desktop\New Folder\hijackthis\search.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pennyflix.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {11E5FB32-38F5-4F55-A74F-68E34CE8A992} - C:\WINDOWS\System32\lrlmszb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {B9F6E8EB-A4E3-478E-88A4-D3995B5C45C8} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Tray] C:\Documents and Settings\Michael Long\Desktop\Games (1).exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Iinl] "C:\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\msconfig.exe" -vt yazr
O4 - HKCU\..\Run: [Zyndjbk] C:\Program Files\Common Files\S?mantec\?vchost.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe



#4 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 20 March 2007 - 09:24 PM

Please make sure all hidden files are showing:

* Click 'Start'.
* Open 'My Computer'.
* Select the 'Tools' menu and click 'Folder Options'.
* Select the 'View' tab.
* Under the 'Hidden files and folders' heading select 'Show hidden files and folders'.
* Uncheck the 'Hide file extensions for known types' option.
* Uncheck the 'Hide protected operating system files (recommended)' option.
* Click Yes to confirm.
* Click OK.

*******************************

Download/install AVG Anti-Spyware 7.5.

Please follow these instructions very carefully.

Launch/start up AVG Anti-Spyware.
On the main page click the 'Update' tab,and then 'Start Update'.
Note:
If you have any problems running the update process prior to running the scan,download/install the 'Full Database' from here:
http://download.ewido.net/avgas-signatures-full-current.exe

Once the updates have been installed,do the following:
Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab.
Once in the 'Settings' screen,under 'How to act?',then under 'Set default action for detected malware to:', click on 'Recommended actions',then click on 'Quarantine'.
Under 'Reports' select 'Automatically generate report after every scan' and unselect 'Only if threats were found'.
Exit AVG Anti-Spyware,don't run the scan just yet.

You might want to print/copy the following as you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Have Hijack This fix the following [If still present], by placing a check in the appropriate boxes and selecting 'Fix checked'.
Make sure all browser and all Windows Explorer windows are closed before fixing:

O2 - BHO: (no name) - {11E5FB32-38F5-4F55-A74F-68E34CE8A992} - C:\WINDOWS\System32\lrlmszb.dll
O3 - Toolbar: (no name) - {B9F6E8EB-A4E3-478E-88A4-D3995B5C45C8} - (no file)
O4 - HKCU\..\Run: [Iinl] "C:\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\msconfig.exe" -vt yazr
O4 - HKCU\..\Run: [Zyndjbk] C:\Program Files\Common Files\S?mantec\?vchost.exe

Find and delete if present:
C:\WINDOWS\System32\lrlmszb.dll
C:\WINDOWS\system32\wnstsisv.exe
C:\WINDOWS\system32\wnstssv.exe


Still in Safe Mode launch AVG Anti-Spyware.
Click the 'Scanner' icon at the top.
To start the scan click on 'Complete System Scan'.
Please be patient,it takes a while for the scan to finish.

Once the scan is complete,do the following.
If AVG Anti-Spyware detected any infected objects:,click on 'Apply All Actions'.

Next click on 'Save Report'.
Copy and paste that report into your next reply.
The report can be found under the 'Reports' tab at the top.
Close AVG Anti-Spyware when you've done.
Reboot normally.

Post the AVG Anti Spyware report and a new Hijackthis log into your next reply.
Let me know how your pc is running now please.
Posted Image
Posted Image

#5 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 20 March 2007 - 11:58 PM

My computer seems to be worse now. I'm getting constant (every 3-5 seconds)dialog boxes stating:

"Program has encountered a problem and needs to close. We are sorry for the inconvenience."

This happens immediately after startup now and does not stop (regardless of what is running)


Here is my AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:45:23 AM 3/21/2007

+ Scan result:



C:\RECYCLER\NPROTECT\00445438.exe -> Adware.ClickSpring : Cleaned.
C:\RECYCLER\NPROTECT\00439071.dll -> Adware.PurityScan : Cleaned.
C:\RECYCLER\NPROTECT\00444021.dll -> Adware.PurityScan : Cleaned.
C:\RECYCLER\NPROTECT\00445435.EXE -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1159\A0093211.exe -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1165\A0094137.dll -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1174\A0094548.dll -> Adware.PurityScan : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1187\A0097027.exe -> Adware.PurityScan : Cleaned.
C:\RECYCLER\NPROTECT\00445443.EXE -> Adware.Softomate : Cleaned.
C:\RECYCLER\NPROTECT\00445444.dll -> Adware.Softomate : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1157\A0093139.exe -> Adware.Softomate : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1168\A0094281.exe -> Adware.ValueAd : Cleaned.
C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1157\A0093140.exe -> Downloader.Agent.bca : Cleaned.
C:\Documents and Settings\Michael Long\Local Settings\Temp\upd34.exe -> Downloader.Agent.bdr : Cleaned.
:mozilla.107:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.141:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.143:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.154:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.175:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.180:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.181:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.200:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.98:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.2o7 : Cleaned.
:mozilla.137:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.138:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.139:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.140:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.144:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.145:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.145:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.145:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.146:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.146:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.146:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.149:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.169:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.195:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.168:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.170:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.36:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.41:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.41:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.42:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.44:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.45:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.45:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.45:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.47:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Advertising : Cleaned.
:mozilla.115:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.25:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.37:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.46:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.47:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.50:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Atdmt : Cleaned.
:mozilla.151:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.158:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.162:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.162:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.162:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.162:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.162:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.113:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.138:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.80:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.12:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.21:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.22:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.22:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.9:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.107:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.108:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.109:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.122:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.123:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.151:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.155:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.157:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.158:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.186:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.187:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.190:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.193:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.194:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.236:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.237:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.242:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.66:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.136:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.143:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.144:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.144:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.147:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Euroclick : Cleaned.
:mozilla.149:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.156:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.157:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.157:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.160:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Fastclick : Cleaned.
:mozilla.164:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.118:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.119:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.120:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.148:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.155:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.156:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.159:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.159:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.176:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.61:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.62:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.63:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.64:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.70:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.72:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.72:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.72:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.73:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.73:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.73:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Hitbox : Cleaned.
:mozilla.78:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.136:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.171:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.194:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.197:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.198:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.199:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.66:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.79:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.103:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.106:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.106:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Paypal : Cleaned.
:mozilla.21:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Mike's Netscape\y38s125d.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.6:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.93:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Michael Long\Cookies\michael long@www.paypal[1].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.70:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.71:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.72:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.73:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.80:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.80:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.80:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.84:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.85:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.86:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Pointroll : Cleaned.
:mozilla.29:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.30:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.38:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.39:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.39:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.39:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.40:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.40:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.42:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.42:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.42:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.42:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.42:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.101:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.102:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.110:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.111:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.112:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.114:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.114:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.115:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.115:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Realmedia : Cleaned.
:mozilla.160:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.161:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.44:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.150:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.157:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.158:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.158:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.161:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.165:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.166:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.191:C:\Documents and Settings\Michael Long\Application Data\Mozilla\Profiles\Nicole's Netscape\mo9isdhf.slt\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.39:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.40:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.41:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.48:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.49:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.50:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.51:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.51:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.52:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.52:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.52:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.52:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.52:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.53:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.54:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.54:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.54:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.54:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.54:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Revsci : Cleaned.
:mozilla.68:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.69:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.78:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.78:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.78:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.79:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.81:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.81:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.82:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.82:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Ru4 : Cleaned.
:mozilla.74:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.75:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.76:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.77:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.78:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.83:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.84:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.85:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.86:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.90:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.90:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.90:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.90:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.90:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.91:C:\Documents and Settings\Michael Long\Application Data\Netscape\NSB\Profiles\jcfjbe0o.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.91:C:\RECYCLER\NPROTECT\00444429.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.91:C:\RECYCLER\NPROTECT\00444437.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.91:C:\RECYCLER\NPROTECT\00444438.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.91:C:\RECYCLER\NPROTECT\00444496.MOZ -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.43:C:\RECYCLER\NPROTECT\00444416.MOZ -> TrackingCookie.Specificclick : Cleaned.
:mozilla.52:C:\RECYCLER\NPROTECT\00444426.MOZ -> TrackingCookie.Specificclick : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444427.MOZ -> TrackingCookie.Specificclick : Cleaned.
:mozilla.53:C:\RECYCLER\NPROTECT\00444428.MOZ -> TrackingCookie.Spec

#6 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 21 March 2007 - 02:58 AM

Reboot your computer into SAFE MODE using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Rescan with Hijackthis and post a new log into your next reply please.
Posted Image
Posted Image

#7 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 21 March 2007 - 07:33 AM

While in Safe Mode, upon startup I still get the dialog box that states:

"There is a file or folder on your computer called "C:\Program" which could cause certain applications not to function correctly. Renaming it to "C:\Program1" would solve this problem. Would you like to rename it now?"

I do not get the constant ones that say "Program has encountered a problem and needs to close. We are sorry for the inconvenience." however. These are only in regular mode.

My new HJT log:


Logfile of HijackThis v1.99.1
Scan saved at 8:22:44 AM, on 3/21/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Michael Long\Desktop\New Folder\hijackthis\search.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pennyflix.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Tray] C:\Documents and Settings\Michael Long\Desktop\Games (1).exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe

#8 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 21 March 2007 - 08:33 AM

Please download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.

You should copy/print the following because you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Scan with DrWeb-CureIt as follows:
* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis"
* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.
* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.
* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
* After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
Posted Image
Posted Image

#9 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 21 March 2007 - 05:36 PM

Nothing has changed, still the same annoying dialog box every 3-5 seconds. I'm also getting the same dialogbox at startup.

I did everything you instructed, and here's my DrWeb Log:

msconfig.exe;C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1;Trojan.PurityAd;Deleted.;
00445439.EXE;C:\RECYCLER\NPROTECT;Trojan.Spambot;Deleted.;
A0097385.dll;C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1192;Adware.Lucky;Incurable.Moved.;
A0097387.dll;C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1192;Trojan.DownLoader.19109;Deleted.;
A0097388.dll;C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1192;Adware.ClickSpring;Incurable.Moved.;
A0097469.exe;C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1192;Trojan.PurityAd;Deleted.;
A0097470.EXE;C:\System Volume Information\_restore{543848E5-A971-4387-BA47-9852573A650F}\RP1192;Trojan.Spambot;Deleted.;
gebyw.dll;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
ssttt.dll;C:\VundoFix Backups;Trojan.Virtumod;Deleted.;
burp.exe;C:\WINDOWS\desktop;Joke.Burper;Incurable.Moved.;
B900fafitlgt_Nude.bmp;D:\Games\Sim Stuff\The Sims\Skins\DaleneKurtis\Dalene Kurtis\Skins;Modification of Win32.Vesic;Moved.;

#10 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 21 March 2007 - 08:06 PM

I thought I should tell you that upon my last restart I clicked "Rename" on the first dialog box and when startup finished, everything worked fine. My programs that were not running properly before, are now. There are no more pop up dialog boxes either.

Just thought you should know.

I will still do whatever you recommend though.

#11 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 22 March 2007 - 06:17 AM

Great,rescan with Combofix and post the C:\Combofix.txt into your next reply.
Also post a new Hijackthis log please.
Posted Image
Posted Image

#12 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 22 March 2007 - 09:02 AM

Here is my ComboFix Log:

"Michael Long" - 07-03-22 9:38:21 Service Pack 1
ComboFix 07-03-20.2 - Running from: "C:\Documents and Settings\Michael Long\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\DOCUME~1
C:\qoobox\purity\DOCUME~1\MICHAE~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\from.txt
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\MBOLS~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\SSTEM3~1
C:\qoobox\purity\DOCUME~1\MICHAE~1\MYDOCU~1\APPATC~1\APPATC~1
C:\qoobox\purity\Program Files\Common Files\APPATC~1
C:\qoobox\purity\Program Files\Common Files\CURITY~1
C:\qoobox\purity\Program Files\Common Files\FNTS~1
C:\qoobox\purity\Program Files\Common Files\RACLE~1
C:\qoobox\purity\Program Files\Common Files\SMANTE~1
C:\qoobox\purity\Program Files\Common Files\SSTEM~1
C:\qoobox\purity\WINDOWS\ECURIT~1
C:\qoobox\purity\WINDOWS\FNTS~1
C:\qoobox\purity\WINDOWS\system32\YSTEM3~1


((((((((((((((((((((((((((((((( Files Created from 2007-02-22 to 2007-03-22 ))))))))))))))))))))))))))))))))))


2007-03-21 16:05 <DIR> d-------- C:\DOCUME~1\MICHAE~1\DoctorWeb
2007-03-20 22:35 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-03-21 22:58 -------- d-------- C:\Program Files\full tilt poker
2007-03-21 21:15 -------- d--h----- C:\Program Files\installshield installation information
2007-03-21 21:14 -------- d-------- C:\Program Files\ebay
2007-03-20 22:49 12300 --a--c--- C:\WINDOWS\mozver.dat
2007-03-20 18:00 -------- d-------- C:\Program Files\pokerstars
2007-03-08 22:01 -------- d-------- C:\Program Files\ultimatebet
2007-02-21 11:26 -------- d-------- C:\Program Files\western digital
2007-02-04 00:09 -------- d-------- C:\Program Files\moodlogic


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MoneyAgent"="\"C:\\Program Files\\Microsoft Money\\System\\mnyexpr.exe\""
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"ATIModeChange"="Ati2mdxx.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"ezShieldProtector for Px"="C:\\WINDOWS\\System32\\ezSP_Px.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"VAIO Recovery"="C:\\Windows\\Sonysys\\VAIO Recovery\\PartSeal.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb06.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"Advanced Tools Check"="C:\\PROGRA~1\\NORTON~1\\AdvTools\\ADVCHK.EXE"
"Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"Microsoft Tray"="C:\\Documents and Settings\\Michael Long\\Desktop\\Games (1).exe"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"UserFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,\
6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,75,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{A4F94C0C-54A7-4DB1-9AF3-B22E63D00322}"="g322"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Symantec NetDetect.job


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-22 9:40:32


My new HJT Log:


Logfile of HijackThis v1.99.1
Scan saved at 9:59:46 AM, on 3/22/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sony\Giga Pocket\halsv.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Michael Long\Desktop\New Folder\hijackthis\search.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pennyflix.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Tray] C:\Documents and Settings\Michael Long\Desktop\Games (1).exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Giga Pocket\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe

#13 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 22 March 2007 - 09:10 AM

Your log is clean :thumbsup:
If all's ok,please do the following:

* Click 'Start'.
* Open 'My Computer'.
* Select the 'Tools' menu and click 'Folder Options'.
* Select the 'View' tab.
* Under the 'Hidden files and folders' heading unselect 'Show hidden files and folders'.
* Re-check the 'Hide file extensions for known types' option.
* Re-check the 'Hide protected operating system files (recommended)' option.
* Click Yes to confirm.

Clear your 'System Restore' points by doing the following:
Right-click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Select 'Turn Off System Restore On All Drives'.
Select 'Apply'.
You will then get the following warning:
"You have chosen to turn off System Restore.
If you continue,all existing restore points will be deleted,and you will not be able to track or undo changes to your computer.
Do you want to turn off System Restore?".
Then select 'Yes',your 'System Restore' directories will be purged.

Turn 'System Restore' back on:
Right click on 'My Computer' and select 'Properties'.
Select 'System Restore'.
Unselect 'Turn Off System Restore On All Drives'.
Select 'Apply',then click 'Ok'.

Create a new 'System Restore' point:
Click on Start/All Programs/Accessories/System Tools/System Restore.
In the 'System Restore' window,click 'Create a Restore Point' button,then click 'Next'.
In the window that appears,enter a description,then click on 'Create',then click 'Close'.
The date and time is created automatically.

Read through the information found here,to help you prevent any possible future infections.
Simple and easy ways to keep your computer safe and secure on the Internet:
http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Posted Image
Posted Image

#14 Filmboy

Filmboy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:12 AM

Posted 22 March 2007 - 03:49 PM

I have done evrything you recommended, and I just printed the tutorial link for my future reference.

I cannot thank you enough for your help and support!

Mike

#15 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:02:12 PM

Posted 22 March 2007 - 04:13 PM

You're most welcome Mike :thumbsup:

This thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter.
Everyone else please begin a New Topic.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users