OK, so I did that stuff, but whenever I try to use the online scan my comp would just shut down, so I couldn't do those, but here are the new logs. The icon in the toolbar no longer pops up, and for some reason my Internet Explorer shortcut disappeared; no big deal. I haven't got the popup in a while, so that's good. It looks like the main problem now is my computer shutting down frequently. Could this be a memory or hard drive problem?
Logfile of HijackThis v1.99.1
Scan saved at 4:59:20 PM, on 11/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CU VPN\cvpnd.exe
C:\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r4.attbi.com:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *r4.attbi.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7A97B913-C0A6-6EAC-43F1-2AC5E32BFB43} - C:\WINDOWS\system32\appxg.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: University of Colorado at Boulder VPN Client.lnk = C:\Program Files\CU VPN\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://register3.valueactive.com/22...CX/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://antu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...02/mcfscan.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://moviefone.kontiki.com/secured...y/main/kdx.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\CU VPN\cvpnd.exe
O23 - Service: ewido security suite control - ewido networks - C:\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
C:\WINDOWS\aucfg.ini : okwpgl (3567 bytes)
C:\WINDOWS\bootstat.dat : dyjqcv (13581 bytes)
C:\WINDOWS\bootstat.dat : qmxndr (11736 bytes)
C:\WINDOWS\cadx2.ini : vztdef (11151 bytes)
C:\WINDOWS\clock.avi : ifqaxb (7471 bytes)
C:\WINDOWS\dahotfix.log : agifzm (3567 bytes)
C:\WINDOWS\FHM 100 Sexiest 2002.dat : ljnncp (11736 bytes)
C:\WINDOWS\GetServer.ini : ebytfz (7471 bytes)
C:\WINDOWS\iis6.log : wcryzj (3567 bytes)
C:\WINDOWS\KB839645.log : cpiwsl (13581 bytes)
C:\WINDOWS\KB839645.log : jopeok (13581 bytes)
C:\WINDOWS\KB840987.log : bpikqm (11152 bytes)
C:\WINDOWS\KB840987.log : vpakmv (11151 bytes)
C:\WINDOWS\KB841873.log : lhapkx (3567 bytes)
C:\WINDOWS\KB841873.log : nqtpgy (3567 bytes)
C:\WINDOWS\msgsocm.log : alamll (11736 bytes)
C:\WINDOWS\msnsetuplog.txt : smtsnw (5207 bytes)
C:\WINDOWS\nsw.log : kmmxhg (3567 bytes)
C:\WINDOWS\n_jewhgg.txt : vkfufi (0 bytes)
C:\WINDOWS\n_kmrgot.txt : nkqaht (0 bytes)
C:\WINDOWS\n_majpxc.log : glifbv (0 bytes)
C:\WINDOWS\n_qhngqc.dat : yebsdg (0 bytes)
C:\WINDOWS\Q814033.log : pmrrvn (11736 bytes)
C:\WINDOWS\Q819696.log : hncwpy (7471 bytes)
C:\WINDOWS\zkvmx.log : gkwpdp (13581 bytes)
C:\WINDOWS\_default.pif : azcrfk (3567 bytes)
C:\WINDOWS\_default.pif : ddxpuy (13581 bytes)
C:\WINDOWS\_default.pif : djlxjq (11736 bytes)
C:\WINDOWS\_default.pif : enkpif (3567 bytes)
C:\WINDOWS\_default.pif : eseawl (11736 bytes)
C:\WINDOWS\_default.pif : fykxdz (11736 bytes)
C:\WINDOWS\_default.pif : gxizql (3567 bytes)
C:\WINDOWS\_default.pif : hnzymi (3567 bytes)
C:\WINDOWS\_default.pif : ityxqb (11152 bytes)
C:\WINDOWS\_default.pif : iysela (4870 bytes)
C:\WINDOWS\_default.pif : kgmaxg (3567 bytes)
C:\WINDOWS\_default.pif : mmzkod (11157 bytes)
C:\WINDOWS\_default.pif : pihtdo (11736 bytes)
C:\WINDOWS\_default.pif : pmhssy (7473 bytes)
C:\WINDOWS\_default.pif : qanqzm (3567 bytes)
C:\WINDOWS\_default.pif : rdzizk (3567 bytes)
C:\WINDOWS\_default.pif : rjlmaa (3567 bytes)
C:\WINDOWS\_default.pif : sgtvdw (7471 bytes)
C:\WINDOWS\_default.pif : tvbimn (3567 bytes)
C:\WINDOWS\_default.pif : vwquoa (11152 bytes)
C:\WINDOWS\_default.pif : wkecda (7471 bytes)
C:\WINDOWS\_default.pif : xegtpn (11736 bytes)
C:\WINDOWS\_default.pif : xsnfto (13581 bytes)
C:\WINDOWS\_default.pif : xzclxc (7423 bytes)
C:\WINDOWS\_default.pif : zfahbt (11736 bytes)
C:\WINDOWS\_default.pif : zjagyy (4870 bytes)
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 1:38:13 PM, 12/2/2005
+ Report-Checksum: E3C1B18A
+ Scan result:
:mozilla.12:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.15:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.20:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.33:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.45:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.60:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.61:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.62:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.63:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\zraki9rs.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\user\Cookies\user@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
::Report End