Tech Support Forum - View Single Post

Roomba · 09-24-2006, 09:38 PM

First off, thanks for your rapid relpy. You came highly recommended from my wife who had a similar problem.

Second, I did all that you said and there were some big improvements. After the step with ewido, there were no popups! I had the anitvirus ones but they werent catching them. I was able to finish a Battlefiled2 round! I'll admit it was the third time but I was connected to a server for 5-10 minutes. I think something is going on in the BF2 world. Not sure. But that showed great promise.

Of the four entries from HJT, the third one was the only one I saw in Safe mode. I fixed it.

Again, my thanks. Let me know what else you see. Or if you need something else.

OK. Here are the logs you asked for:

ComboFix.txt
Jeff - 06-09-24 14:56:10.76 Service Pack 2
ComboFix 06.09.23.2 - Running from: "C:\Documents and Settings\Jeff\desktop"
Command switches used :: /v FM2dit

(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\FM2dit.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((((((((( Files Created from 2006-08-24 to 2006-09-24 ))))))))))))))))))))))))))))))))))

2006-09-24 14:50 276,406 --a------ C:\combofix.exe
2006-09-24 14:47 6,020,448 --a------ C:\ewido-setup_4.0.0.172c.exe
2006-09-24 14:46 339,257 --a------ C:\CleanUp452.exe
2006-09-23 18:18 1,314,816 --a------ C:\pbsetup.exe
2006-09-23 17:22 7,050,552 --a------ C:\psa30se_en_us.exe
2006-08-31 22:38 746,880 --a------ C:\FRAPS274.EXE

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-09-24 14:52 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-24 14:46 -------- d-------- C:\Program Files\CleanUp!
2006-09-23 23:06 -------- d-------- C:\Documents and Settings\Jeff\Application Data\AdobeUM
2006-09-23 22:55 -------- d-------- C:\Program Files\SpywareBlaster
2006-09-23 22:47 -------- d-------- C:\Program Files\AntiVir PersonalEdition Classic
2006-09-23 17:26 -------- d-------- C:\Program Files\Adobe
2006-09-23 17:25 1015 --a------ C:\Documents and Settings\Jeff\Application Data\AdobeDLM.log
2006-09-23 17:25 0 --a------ C:\Documents and Settings\Jeff\Application Data\dm.ini
2006-09-23 17:22 -------- d-------- C:\Documents and Settings\Jeff\Application Data\Adobe
2006-09-17 15:36 -------- d-------- C:\Documents and Settings\Jeff\Application Data\U3
2006-09-15 21:47 -------- d---s---- C:\Documents and Settings\Jeff\Application Data\Microsoft
2006-09-09 15:11 -------- d-------- C:\Documents and Settings\Jeff\Application Data\Google
2006-09-08 19:25 -------- d-------- C:\Program Files\Google
2006-08-26 17:16 -------- d-------- C:\Program Files\Firefox
2006-08-17 21:38 -------- d-------- C:\Program Files\Internet Explorer
2006-07-21 03:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-13 22:22 57384 --a------ C:\WINDOWS\system32\avsda.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus COLOR 580"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_AICN03.EXE /P22 \"EPSON Stylus COLOR 580\" /O6 \"USB001\" /M \"Stylus COLOR 580\""
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
@=""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"
"RoxioEngineUtility"="\"C:\\Program Files\\Common Files\\Roxio Shared\\System\\EngUtil.exe\""
"avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"ASUS Probe"="C:\\Program Files\\ASUS\\Probe\\AsusProb.exe"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,a2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
@=""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
@=""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoDriveAutoRun"=hex:80,02,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\ATI CATALYST System Tray.lnk"
"backup"="C:\\WINDOWS\\pss\\ATI CATALYST System Tray.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\ATITEC~1\\ATI.ACE\\CLI.exe SystemTray"
"item"="ATI CATALYST System Tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^D-Link AirPlus G Configuration Utility.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\D-Link AirPlus G Configuration Utility.lnk"
"backup"="C:\\WINDOWS\\pss\\D-Link AirPlus G Configuration Utility.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\D-LINK~1\\AirPlus.exe "
"item"="D-Link AirPlus G Configuration Utility"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\InterVideo WinCinema Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE "
"item"="InterVideo WinCinema Manager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RoxioAudioCentral]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RxMon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\AudioCentral\\RxMon.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RoxioDragToDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DrgToDsc"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\DragToDisc\\DrgToDsc.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
"PhotoshopElementsDeviceConnect"=dword:00000002
"iPodService"=dword:00000003
"AdobeActiveFileMonitor"=dword:00000002

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

Completion time: 06-09-24 14:58:30.28
ComboFix.txt

Ewido scan report
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 16:00 06-09-24

+ Scan result:

D:\WINDOWS\SYSTEM\angelex.exe -> Adware.BargainBuddy : No action taken.
D:\WINDOWS\SYSTEM\exdl.exe -> Adware.BargainBuddy : No action taken.
D:\WINDOWS\SYSTEM\exdl0.exe -> Adware.BargainBuddy : No action taken.
D:\WINDOWS\SYSTEM\exul.exe -> Adware.BargainBuddy : No action taken.
D:\WINDOWS\SYSTEM\javexulm.vxd -> Adware.BargainBuddy : No action taken.
D:\WINDOWS\SYSTEM\mqexdlm.srg -> Adware.BargainBuddy : No action taken.
D:\Program Files\Common Files\WhenU\EmbedSE.dll -> Adware.SaveNow : No action taken.
D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe/Save.exe -> Adware.SaveNow : No action taken.
D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe/SaveUninst.exe -> Adware.SaveNow : No action taken.
C:\WINDOWS\system32\pmnli.exe -> Downloader.ConHook.ab : No action taken.
D:\NULL -> Downloader.QDown.d : No action taken.
D:\WINDOWS\Cookies\jeff burger@zero.ads360[1].txt -> TrackingCookie.Ads360 : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom1.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom10.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom11.zip/jeff burger@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom12.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom13.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip/jeff burger@advertising[3].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom3.zip/jeff burger@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom4.zip/jeff burger@advertising[4].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom5.zip/jeff burger@servedby.advertising[3].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom6.zip/jeff burger@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom7.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom8.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom9.zip/jeff burger@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip/jeff burger@atdmt[3].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc1.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc2.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip/jeff burger@atdmt[3].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc4.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc5.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast.zip/jeff burger@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast1.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast2.zip/jeff burger@bfast[2].txt -> TrackingCookie.Bfast : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast3.zip/jeff burger@bfast[3].txt -> TrackingCookie.Bfast : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast4.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast5.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken.
D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken.
D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[3].txt -> TrackingCookie.Burstbeacon : No action taken.
D:\WINDOWS\Cookies\jeff burger@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
D:\WINDOWS\Cookies\jeff burger@burstnet[3].txt -> TrackingCookie.Burstnet : No action taken.
D:\WINDOWS\Cookies\jeff burger@com[1].txt -> TrackingCookie.Com : No action taken.
D:\WINDOWS\Cookies\jeff burger@com[2].txt -> TrackingCookie.Com : No action taken.
D:\WINDOWS\Cookies\jeff burger@com[4].txt -> TrackingCookie.Com : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics1.zip/jeff burger@data.coremetrics[2].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics2.zip/jeff burger@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics3.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics4.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics5.zip/jeff burger@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip/jeff burger@doubleclick[3].txt -> TrackingCookie.Doubleclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick2.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick3.zip/jeff burger@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick4.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick5.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
D:\WINDOWS\Cookies\jeff burger@a-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken.
D:\WINDOWS\Cookies\jeff burger@a-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken.
D:\WINDOWS\Cookies\jeff burger@y-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken.
D:\WINDOWS\Cookies\jeff burger@y-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick1.zip/jeff burger@fastclick[4].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick2.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick3.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick4.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick5.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick6.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
D:\WINDOWS\Cookies\jeff burger@gamershell[1].txt -> TrackingCookie.Gamershell : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox.zip/jeff burger@ehg-idg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox1.zip/jeff burger@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox10.zip/jeff burger@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox11.zip/jeff burger@ehg-ubisoft.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox12.zip/jeff burger@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox13.zip/jeff burger@ehg-espn.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox15.zip/jeff burger@ehg-canon.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox16.zip/jeff burger@hitbox[3].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox17.zip/jeff burger@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox18.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox19.zip/jeff burger@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox2.zip/jeff burger@w101.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox20.zip/jeff burger@ehg-paintball.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox21.zip/jeff burger@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox22.zip/jeff burger@ehg-tigerdirect.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox23.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox24.zip/jeff burger@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox25.zip/jeff burger@ehg-newscientist.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox26.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox27.zip/jeff burger@ehg-tigerdirect2.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox28.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox29.zip/jeff burger@ehg-micron.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox3.zip/jeff burger@hg1.hitbox[4].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox30.zip/jeff burger@ehg-mtv.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox31.zip/jeff burger@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox32.zip/jeff burger@ehg-newegg.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox33.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox34.zip/jeff burger@ehg-bcstore.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox35.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox4.zip/jeff burger@ehg-bestbuy.hitbox[4].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox5.zip/jeff burger@ehg-dig.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip/jeff burger@ehg-ubisoft.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox7.zip/jeff burger@ehg-sonicblue.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox8.zip/jeff burger@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox9.zip/jeff burger@ehg-bestbuy.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink.zip/jeff burger@counter.hitslink[3].txt -> TrackingCookie.Hitslink : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip/jeff burger@counter.hitslink[2].txt -> TrackingCookie.Hitslink : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink2.zip/jeff burger@counter.hitslink[2].txt -> TrackingCookie.Hitslink : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex.zip/jeff burger@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex1.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex2.zip/jeff burger@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex3.zip/jeff burger@mediaplex[3].txt -> TrackingCookie.Mediaplex : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex4.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex5.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
D:\WINDOWS\Cookies\jeff burger@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
D:\WINDOWS\Cookies\jeff burger@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : No action taken.
D:\WINDOWS\Cookies\jeff burger@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : No action taken.
D:\WINDOWS\Cookies\jeff burger@login.tracking101[1].txt -> TrackingCookie.Tracking101 : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick1.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick2.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick3.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick4.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick5.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

::Report end

Panda Scan report

Incident Status Location

Adware:Adware/WhenUSearch Not disinfected D:\Program Files\Common Files\WhenU\EmbedSE.dll
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip[jeff burger@servedby.advertising[1].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom1.zip[jeff burger@advertising[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip[jeff burger@advertising[3].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom3.zip[jeff burger@servedby.advertising[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom4.zip[jeff burger@advertising[4].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom5.zip[jeff burger@servedby.advertising[3].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom6.zip[jeff burger@advertising[1].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip[jeff burger@atdmt[3].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc1.zip[jeff burger@atdmt[2].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast.zip[jeff burger@bfast[2].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast1.zip[jeff burger@bfast[1].txt]
Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics.zip[jeff burger@data.coremetrics[1].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip[jeff burger@doubleclick[3].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip[jeff burger@doubleclick[1].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip[jeff burger@fastclick[2].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick1.zip[jeff burger@fastclick[4].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick2.zip[jeff burger@fastclick[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox.zip[jeff burger@ehg-idg.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox1.zip[jeff burger@hitbox[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox3.zip[jeff burger@hg1.hitbox[4].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox5.zip[jeff burger@ehg-dig.hitbox[3].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip[jeff burger@ehg-ubisoft.hitbox[3].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox8.zip[jeff burger@hg1.hitbox[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox11.zip[jeff burger@ehg-ubisoft.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox12.zip[jeff burger@hg1.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip[jeff burger@ehg-dig.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox16.zip[jeff burger@hitbox[3].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox17.zip[jeff burger@ehg.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox18.zip[jeff burger@hitbox[2].txt]
Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink.zip[jeff burger@counter.hitslink[3].txt]
Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip[jeff burger@counter.hitslink[2].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex.zip[jeff burger@mediaplex[2].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex1.zip[jeff burger@mediaplex[1].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick.zip[jeff burger@valueclick[2].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick1.zip[jeff burger@valueclick[1].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom7.zip[jeff burger@advertising[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom8.zip[jeff burger@servedby.advertising[1].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc2.zip[jeff burger@atdmt[2].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast2.zip[jeff burger@bfast[2].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick2.zip[jeff burger@doubleclick[1].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick3.zip[jeff burger@fastclick[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox19.zip[jeff burger@hitbox[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox23.zip[jeff burger@ehg-dig.hitbox[2].txt]
Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink2.zip[jeff burger@counter.hitslink[2].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex2.zip[jeff burger@mediaplex[2].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick2.zip[jeff burger@valueclick[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom9.zip[jeff burger@servedby.advertising[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom10.zip[jeff burger@advertising[2].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom11.zip[jeff burger@advertising[1].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip[jeff burger@atdmt[3].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc4.zip[jeff burger@atdmt[2].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast3.zip[jeff burger@bfast[3].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast4.zip[jeff burger@bfast[1].txt]
Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics1.zip[jeff burger@data.coremetrics[2].txt]
Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics3.zip[jeff burger@data.coremetrics[1].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick3.zip[jeff burger@doubleclick[2].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick4.zip[jeff burger@doubleclick[1].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick4.zip[jeff burger@fastclick[1].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick5.zip[jeff burger@fastclick[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox24.zip[jeff burger@ehg-dig.hitbox[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox26.zip[jeff burger@hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox28.zip[jeff burger@ehg-dig.hitbox[2].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex3.zip[jeff burger@mediaplex[3].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex4.zip[jeff burger@mediaplex[1].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick3.zip[jeff burger@valueclick[2].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick4.zip[jeff burger@valueclick[1].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom12.zip[jeff burger@servedby.advertising[1].txt]
Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom13.zip[jeff burger@advertising[2].txt]
Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc5.zip[jeff burger@atdmt[2].txt]
Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast5.zip[jeff burger@bfast[1].txt]
Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics4.zip[jeff burger@data.coremetrics[1].txt]
Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick5.zip[jeff burger@doubleclick[1].txt]
Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick6.zip[jeff burger@fastclick[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox29.zip[jeff burger@ehg-micron.hitbox[1].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox33.zip[jeff burger@ehg-dig.hitbox[2].txt]
Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox35.zip[jeff burger@hitbox[2].txt]
Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex5.zip[jeff burger@mediaplex[1].txt]
Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick5.zip[jeff burger@valueclick[1].txt]
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exdl.exe
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exul.exe
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\exdl0.exe
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\mqexdlm.srg
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\javexulm.vxd
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exclean.exe
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\angelex.exe
Adware:Adware/SaveNow Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[²èÇ]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exdl.exe]
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exul.exe]
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[trkgif.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][angelex.exe]
Hacktool:HackTool/SRunner.B Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][instsrv.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][msexreg.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][bargains.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][adv.exe]
Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][adx.exe]
Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exclean.exe]
Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\4FDFAQ3D\prutfct[1].exe
Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\WJNJI4LT\pruthct[1].exe
Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\94OZHD8P\prutjct[1].exe
Spyware:Cookie/Buzztone Not disinfected D:\WINDOWS\Cookies\jeff burger@www.buzztone[2].txt
Spyware:Cookie/Tucows Not disinfected D:\WINDOWS\Cookies\jeff burger@tucows[2].txt
Spyware:Cookie/Toplist Not disinfected D:\WINDOWS\Cookies\jeff burger@www.toplist[1].txt
Spyware:Cookie/Cd Freaks Not disinfected D:\WINDOWS\Cookies\jeff burger@cdfreaks[1].txt
Spyware:Cookie/GoStats Not disinfected D:\WINDOWS\Cookies\jeff burger@c2.gostats[2].txt
Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[1].txt
Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[4].txt
Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[2].txt
Spyware:Cookie/Santa Monica networks inc Not disinfected D:\WINDOWS\Cookies\jeff burger@smni[2].txt
Spyware:Cookie/GoStats Not disinfected D:\WINDOWS\Cookies\jeff burger@gostats[2].txt
Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[2].txt
Spyware:Cookie/myaffiliateprogram Not disinfected D:\WINDOWS\Cookies\jeff burger@www.myaffiliateprogram[1].txt
Spyware:Cookie/Gorillanation Not disinfected D:\WINDOWS\Cookies\jeff burger@ads.gorillanation[1].txt
Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[3].txt
Spyware:Cookie/BurstNet Not disinfected D:\WINDOWS\Cookies\jeff burger@burstnet[2].txt
Spyware:Cookie/Xiti Not disinfected D:\WINDOWS\Cookies\jeff burger@xiti[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected D:\WINDOWS\Cookies\jeff burger@www.affiliatefuel[2].txt
Spyware:Cookie/BurstBeacon Not disinfected D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[1].txt
Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[1].txt
Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[6].txt
Spyware:Cookie/Rightmedia Not disinfected D:\WINDOWS\Cookies\jeff burger@rightmedia[2].txt
Spyware:Cookie/Target Not disinfected D:\WINDOWS\Cookies\jeff burger@target[1].txt
Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[4].txt
Spyware:Cookie/BurstBeacon Not disinfected D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[3].txt
Spyware:Cookie/BurstNet Not disinfected D:\WINDOWS\Cookies\jeff burger@burstnet[3].txt
Adware:Adware/Qdown Not disinfected D:\NULL

new HiJackThis log taken after the online scan finishes

Logfile of HijackThis v1.99.1
Scan saved at 21:44, on 06-09-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Jeff\My Documents\Unzipped\hijackthis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus COLOR 580] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE /P22 "EPSON Stylus COLOR 580" /O6 "USB001" /M "Stylus COLOR 580"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

09-24-2006, 09:38 PM	#3 (permalink)
Roomba Registered User Join Date: Sep 2006 Posts: 5 OS: Win XP	IE popups, gaming disconnect, shutdown First off, thanks for your rapid relpy. You came highly recommended from my wife who had a similar problem. Second, I did all that you said and there were some big improvements. After the step with ewido, there were no popups! I had the anitvirus ones but they werent catching them. I was able to finish a Battlefiled2 round! I'll admit it was the third time but I was connected to a server for 5-10 minutes. I think something is going on in the BF2 world. Not sure. But that showed great promise. Of the four entries from HJT, the third one was the only one I saw in Safe mode. I fixed it. Again, my thanks. Let me know what else you see. Or if you need something else. OK. Here are the logs you asked for: ComboFix.txt Jeff - 06-09-24 14:56:10.76 Service Pack 2 ComboFix 06.09.23.2 - Running from: "C:\Documents and Settings\Jeff\desktop" Command switches used :: /v FM2dit (((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log ))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\FM2dit.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((((((((( Files Created from 2006-08-24 to 2006-09-24 )))))))))))))))))))))))))))))))))) 2006-09-24 14:50 276,406 --a------ C:\combofix.exe 2006-09-24 14:47 6,020,448 --a------ C:\ewido-setup_4.0.0.172c.exe 2006-09-24 14:46 339,257 --a------ C:\CleanUp452.exe 2006-09-23 18:18 1,314,816 --a------ C:\pbsetup.exe 2006-09-23 17:22 7,050,552 --a------ C:\psa30se_en_us.exe 2006-08-31 22:38 746,880 --a------ C:\FRAPS274.EXE (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-09-24 14:52 -------- d-------- C:\Program Files\ewido anti-spyware 4.0 2006-09-24 14:46 -------- d-------- C:\Program Files\CleanUp! 2006-09-23 23:06 -------- d-------- C:\Documents and Settings\Jeff\Application Data\AdobeUM 2006-09-23 22:55 -------- d-------- C:\Program Files\SpywareBlaster 2006-09-23 22:47 -------- d-------- C:\Program Files\AntiVir PersonalEdition Classic 2006-09-23 17:26 -------- d-------- C:\Program Files\Adobe 2006-09-23 17:25 1015 --a------ C:\Documents and Settings\Jeff\Application Data\AdobeDLM.log 2006-09-23 17:25 0 --a------ C:\Documents and Settings\Jeff\Application Data\dm.ini 2006-09-23 17:22 -------- d-------- C:\Documents and Settings\Jeff\Application Data\Adobe 2006-09-17 15:36 -------- d-------- C:\Documents and Settings\Jeff\Application Data\U3 2006-09-15 21:47 -------- d---s---- C:\Documents and Settings\Jeff\Application Data\Microsoft 2006-09-09 15:11 -------- d-------- C:\Documents and Settings\Jeff\Application Data\Google 2006-09-08 19:25 -------- d-------- C:\Program Files\Google 2006-08-26 17:16 -------- d-------- C:\Program Files\Firefox 2006-08-17 21:38 -------- d-------- C:\Program Files\Internet Explorer 2006-07-21 03:24 72704 --a------ C:\WINDOWS\system32\hlink.dll 2006-07-13 22:22 57384 --a------ C:\WINDOWS\system32\avsda.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) Note empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus COLOR 580"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_AICN03.EXE /P22 \"EPSON Stylus COLOR 580\" /O6 \"USB001\" /M \"Stylus COLOR 580\"" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" @="" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime" "RoxioEngineUtility"="\"C:\\Program Files\\Common Files\\Roxio Shared\\System\\EngUtil.exe\"" "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "ASUS Probe"="C:\\Program Files\\ASUS\\Probe\\AsusProb.exe" "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,a2,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] @="" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] @="" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoDriveAutoRun"=hex:80,02,00,00 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk" "backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE " "item"="Adobe Gamma Loader" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\ATI CATALYST System Tray.lnk" "backup"="C:\\WINDOWS\\pss\\ATI CATALYST System Tray.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\ATITEC~1\\ATI.ACE\\CLI.exe SystemTray" "item"="ATI CATALYST System Tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^D-Link AirPlus G Configuration Utility.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\D-Link AirPlus G Configuration Utility.lnk" "backup"="C:\\WINDOWS\\pss\\D-Link AirPlus G Configuration Utility.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\D-LINK~1\\AirPlus.exe " "item"="D-Link AirPlus G Configuration Utility" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\InterVideo WinCinema Manager.lnk" "backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE " "item"="InterVideo WinCinema Manager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\InCD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InCD" "hkey"="HKLM" "command"="C:\\Program Files\\Ahead\\InCD\\InCD.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="C:\\Program Files\\iTunes\\iTunesHelper.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RoxioAudioCentral] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RxMon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\AudioCentral\\RxMon.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RoxioDragToDisc] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DrgToDsc" "hkey"="HKLM" "command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\DragToDisc\\DrgToDsc.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services] "PhotoshopElementsDeviceConnect"=dword:00000002 "iPodService"=dword:00000003 "AdobeActiveFileMonitor"=dword:00000002 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Completion time: 06-09-24 14:58:30.28 ComboFix.txt Ewido scan report --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:00 06-09-24 + Scan result: D:\WINDOWS\SYSTEM\angelex.exe -> Adware.BargainBuddy : No action taken. D:\WINDOWS\SYSTEM\exdl.exe -> Adware.BargainBuddy : No action taken. D:\WINDOWS\SYSTEM\exdl0.exe -> Adware.BargainBuddy : No action taken. D:\WINDOWS\SYSTEM\exul.exe -> Adware.BargainBuddy : No action taken. D:\WINDOWS\SYSTEM\javexulm.vxd -> Adware.BargainBuddy : No action taken. D:\WINDOWS\SYSTEM\mqexdlm.srg -> Adware.BargainBuddy : No action taken. D:\Program Files\Common Files\WhenU\EmbedSE.dll -> Adware.SaveNow : No action taken. D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe/Save.exe -> Adware.SaveNow : No action taken. D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe/SaveUninst.exe -> Adware.SaveNow : No action taken. C:\WINDOWS\system32\pmnli.exe -> Downloader.ConHook.ab : No action taken. D:\NULL -> Downloader.QDown.d : No action taken. D:\WINDOWS\Cookies\jeff burger@zero.ads360[1].txt -> TrackingCookie.Ads360 : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom1.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom10.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom11.zip/jeff burger@advertising[1].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom12.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom13.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip/jeff burger@advertising[3].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom3.zip/jeff burger@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom4.zip/jeff burger@advertising[4].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom5.zip/jeff burger@servedby.advertising[3].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom6.zip/jeff burger@advertising[1].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom7.zip/jeff burger@advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom8.zip/jeff burger@servedby.advertising[1].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom9.zip/jeff burger@servedby.advertising[2].txt -> TrackingCookie.Advertising : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip/jeff burger@atdmt[3].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc1.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc2.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip/jeff burger@atdmt[3].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc4.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc5.zip/jeff burger@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast.zip/jeff burger@bfast[2].txt -> TrackingCookie.Bfast : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast1.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast2.zip/jeff burger@bfast[2].txt -> TrackingCookie.Bfast : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast3.zip/jeff burger@bfast[3].txt -> TrackingCookie.Bfast : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast4.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast5.zip/jeff burger@bfast[1].txt -> TrackingCookie.Bfast : No action taken. D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : No action taken. D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[3].txt -> TrackingCookie.Burstbeacon : No action taken. D:\WINDOWS\Cookies\jeff burger@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken. D:\WINDOWS\Cookies\jeff burger@burstnet[3].txt -> TrackingCookie.Burstnet : No action taken. D:\WINDOWS\Cookies\jeff burger@com[1].txt -> TrackingCookie.Com : No action taken. D:\WINDOWS\Cookies\jeff burger@com[2].txt -> TrackingCookie.Com : No action taken. D:\WINDOWS\Cookies\jeff burger@com[4].txt -> TrackingCookie.Com : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics1.zip/jeff burger@data.coremetrics[2].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics2.zip/jeff burger@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics3.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics4.zip/jeff burger@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics5.zip/jeff burger@twci.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip/jeff burger@doubleclick[3].txt -> TrackingCookie.Doubleclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick2.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick3.zip/jeff burger@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick4.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick5.zip/jeff burger@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken. D:\WINDOWS\Cookies\jeff burger@a-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken. D:\WINDOWS\Cookies\jeff burger@a-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken. D:\WINDOWS\Cookies\jeff burger@y-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken. D:\WINDOWS\Cookies\jeff burger@y-1shz2prbmdj6wvny-1sez2pra2d...ure[2].txt -> TrackingCookie.Esomniture : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick1.zip/jeff burger@fastclick[4].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick2.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick3.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick4.zip/jeff burger@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick5.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick6.zip/jeff burger@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken. D:\WINDOWS\Cookies\jeff burger@gamershell[1].txt -> TrackingCookie.Gamershell : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox.zip/jeff burger@ehg-idg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox1.zip/jeff burger@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox10.zip/jeff burger@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox11.zip/jeff burger@ehg-ubisoft.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox12.zip/jeff burger@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox13.zip/jeff burger@ehg-espn.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox15.zip/jeff burger@ehg-canon.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox16.zip/jeff burger@hitbox[3].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox17.zip/jeff burger@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox18.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox19.zip/jeff burger@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox2.zip/jeff burger@w101.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox20.zip/jeff burger@ehg-paintball.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox21.zip/jeff burger@ehg-bestbuy.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox22.zip/jeff burger@ehg-tigerdirect.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox23.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox24.zip/jeff burger@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox25.zip/jeff burger@ehg-newscientist.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox26.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox27.zip/jeff burger@ehg-tigerdirect2.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox28.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox29.zip/jeff burger@ehg-micron.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox3.zip/jeff burger@hg1.hitbox[4].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox30.zip/jeff burger@ehg-mtv.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox31.zip/jeff burger@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox32.zip/jeff burger@ehg-newegg.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox33.zip/jeff burger@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox34.zip/jeff burger@ehg-bcstore.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox35.zip/jeff burger@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox4.zip/jeff burger@ehg-bestbuy.hitbox[4].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox5.zip/jeff burger@ehg-dig.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip/jeff burger@ehg-ubisoft.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox7.zip/jeff burger@ehg-sonicblue.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox8.zip/jeff burger@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox9.zip/jeff burger@ehg-bestbuy.hitbox[3].txt -> TrackingCookie.Hitbox : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink.zip/jeff burger@counter.hitslink[3].txt -> TrackingCookie.Hitslink : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip/jeff burger@counter.hitslink[2].txt -> TrackingCookie.Hitslink : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink2.zip/jeff burger@counter.hitslink[2].txt -> TrackingCookie.Hitslink : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex.zip/jeff burger@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex1.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex2.zip/jeff burger@mediaplex[2].txt -> TrackingCookie.Mediaplex : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex3.zip/jeff burger@mediaplex[3].txt -> TrackingCookie.Mediaplex : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex4.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex5.zip/jeff burger@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken. D:\WINDOWS\Cookies\jeff burger@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken. D:\WINDOWS\Cookies\jeff burger@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : No action taken. D:\WINDOWS\Cookies\jeff burger@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : No action taken. D:\WINDOWS\Cookies\jeff burger@login.tracking101[1].txt -> TrackingCookie.Tracking101 : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick1.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick2.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick3.zip/jeff burger@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick4.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken. D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick5.zip/jeff burger@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken. ::Report end Panda Scan report Incident Status Location Adware:Adware/WhenUSearch Not disinfected D:\Program Files\Common Files\WhenU\EmbedSE.dll Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom.zip[jeff burger@servedby.advertising[1].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom1.zip[jeff burger@advertising[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom2.zip[jeff burger@advertising[3].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom3.zip[jeff burger@servedby.advertising[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom4.zip[jeff burger@advertising[4].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom5.zip[jeff burger@servedby.advertising[3].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom6.zip[jeff burger@advertising[1].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc.zip[jeff burger@atdmt[3].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc1.zip[jeff burger@atdmt[2].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast.zip[jeff burger@bfast[2].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast1.zip[jeff burger@bfast[1].txt] Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics.zip[jeff burger@data.coremetrics[1].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick.zip[jeff burger@doubleclick[3].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick1.zip[jeff burger@doubleclick[1].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick.zip[jeff burger@fastclick[2].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick1.zip[jeff burger@fastclick[4].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick2.zip[jeff burger@fastclick[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox.zip[jeff burger@ehg-idg.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox1.zip[jeff burger@hitbox[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox3.zip[jeff burger@hg1.hitbox[4].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox5.zip[jeff burger@ehg-dig.hitbox[3].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox6.zip[jeff burger@ehg-ubisoft.hitbox[3].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox8.zip[jeff burger@hg1.hitbox[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox11.zip[jeff burger@ehg-ubisoft.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox12.zip[jeff burger@hg1.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox14.zip[jeff burger@ehg-dig.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox16.zip[jeff burger@hitbox[3].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox17.zip[jeff burger@ehg.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox18.zip[jeff burger@hitbox[2].txt] Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink.zip[jeff burger@counter.hitslink[3].txt] Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink1.zip[jeff burger@counter.hitslink[2].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex.zip[jeff burger@mediaplex[2].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex1.zip[jeff burger@mediaplex[1].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick.zip[jeff burger@valueclick[2].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick1.zip[jeff burger@valueclick[1].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom7.zip[jeff burger@advertising[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom8.zip[jeff burger@servedby.advertising[1].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc2.zip[jeff burger@atdmt[2].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast2.zip[jeff burger@bfast[2].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick2.zip[jeff burger@doubleclick[1].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick3.zip[jeff burger@fastclick[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox19.zip[jeff burger@hitbox[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox23.zip[jeff burger@ehg-dig.hitbox[2].txt] Spyware:Cookie/Hitslink Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitsLink2.zip[jeff burger@counter.hitslink[2].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex2.zip[jeff burger@mediaplex[2].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick2.zip[jeff burger@valueclick[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom9.zip[jeff burger@servedby.advertising[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom10.zip[jeff burger@advertising[2].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom11.zip[jeff burger@advertising[1].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc3.zip[jeff burger@atdmt[3].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc4.zip[jeff burger@atdmt[2].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast3.zip[jeff burger@bfast[3].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast4.zip[jeff burger@bfast[1].txt] Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics1.zip[jeff burger@data.coremetrics[2].txt] Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics3.zip[jeff burger@data.coremetrics[1].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick3.zip[jeff burger@doubleclick[2].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick4.zip[jeff burger@doubleclick[1].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick4.zip[jeff burger@fastclick[1].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick5.zip[jeff burger@fastclick[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox24.zip[jeff burger@ehg-dig.hitbox[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox26.zip[jeff burger@hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox28.zip[jeff burger@ehg-dig.hitbox[2].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex3.zip[jeff burger@mediaplex[3].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex4.zip[jeff burger@mediaplex[1].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick3.zip[jeff burger@valueclick[2].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick4.zip[jeff burger@valueclick[1].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom12.zip[jeff burger@servedby.advertising[1].txt] Spyware:Cookie/Advertising Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\Advertisingcom13.zip[jeff burger@advertising[2].txt] Spyware:Cookie/Atlas DMT Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\AvenueAInc5.zip[jeff burger@atdmt[2].txt] Spyware:Cookie/Bfast Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\BFast5.zip[jeff burger@bfast[1].txt] Spyware:Cookie/Coremetrics Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\CoreMetrics4.zip[jeff burger@data.coremetrics[1].txt] Spyware:Cookie/Doubleclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\DoubleClick5.zip[jeff burger@doubleclick[1].txt] Spyware:Cookie/FastClick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\FastClick6.zip[jeff burger@fastclick[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox29.zip[jeff burger@ehg-micron.hitbox[1].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox33.zip[jeff burger@ehg-dig.hitbox[2].txt] Spyware:Cookie/Hitbox Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\HitBox35.zip[jeff burger@hitbox[2].txt] Spyware:Cookie/Mediaplex Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\MediaPlex5.zip[jeff burger@mediaplex[1].txt] Spyware:Cookie/Valueclick Not disinfected D:\Program Files\Spybot - Search & Destroy 1.1\Recovery\ValueClick5.zip[jeff burger@valueclick[1].txt] Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exdl.exe Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exul.exe Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\exdl0.exe Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\mqexdlm.srg Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\javexulm.vxd Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\SYSTEM\exclean.exe Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\SYSTEM\angelex.exe Adware:Adware/SaveNow Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\NBFKI7S6\saveupdate[1].exe Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[²èÇ] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exdl.exe] Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exul.exe] Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[trkgif.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][angelex.exe] Hacktool:HackTool/SRunner.B Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][instsrv.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[ahadp.exe][msexreg.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][bargains.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][adv.exe] Adware:Adware/Exact.BargainBuddy Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[adp8033_OUTB.exe][adx.exe] Adware:Adware/Exact.SearchBar Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\I9SBIXU5\adp8033[1].exe[exclean.exe] Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\4FDFAQ3D\prutfct[1].exe Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\WJNJI4LT\pruthct[1].exe Possible Virus. Not disinfected D:\WINDOWS\Temporary Internet Files\Content.IE5\94OZHD8P\prutjct[1].exe Spyware:Cookie/Buzztone Not disinfected D:\WINDOWS\Cookies\jeff burger@www.buzztone[2].txt Spyware:Cookie/Tucows Not disinfected D:\WINDOWS\Cookies\jeff burger@tucows[2].txt Spyware:Cookie/Toplist Not disinfected D:\WINDOWS\Cookies\jeff burger@www.toplist[1].txt Spyware:Cookie/Cd Freaks Not disinfected D:\WINDOWS\Cookies\jeff burger@cdfreaks[1].txt Spyware:Cookie/GoStats Not disinfected D:\WINDOWS\Cookies\jeff burger@c2.gostats[2].txt Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[1].txt Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[4].txt Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[2].txt Spyware:Cookie/Santa Monica networks inc Not disinfected D:\WINDOWS\Cookies\jeff burger@smni[2].txt Spyware:Cookie/GoStats Not disinfected D:\WINDOWS\Cookies\jeff burger@gostats[2].txt Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[2].txt Spyware:Cookie/myaffiliateprogram Not disinfected D:\WINDOWS\Cookies\jeff burger@www.myaffiliateprogram[1].txt Spyware:Cookie/Gorillanation Not disinfected D:\WINDOWS\Cookies\jeff burger@ads.gorillanation[1].txt Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[3].txt Spyware:Cookie/BurstNet Not disinfected D:\WINDOWS\Cookies\jeff burger@burstnet[2].txt Spyware:Cookie/Xiti Not disinfected D:\WINDOWS\Cookies\jeff burger@xiti[1].txt Spyware:Cookie/Affiliate fuel Not disinfected D:\WINDOWS\Cookies\jeff burger@www.affiliatefuel[2].txt Spyware:Cookie/BurstBeacon Not disinfected D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[1].txt Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[1].txt Spyware:Cookie/Go Not disinfected D:\WINDOWS\Cookies\jeff burger@go[6].txt Spyware:Cookie/Rightmedia Not disinfected D:\WINDOWS\Cookies\jeff burger@rightmedia[2].txt Spyware:Cookie/Target Not disinfected D:\WINDOWS\Cookies\jeff burger@target[1].txt Spyware:Cookie/Com.com Not disinfected D:\WINDOWS\Cookies\jeff burger@com[4].txt Spyware:Cookie/BurstBeacon Not disinfected D:\WINDOWS\Cookies\jeff burger@www.burstbeacon[3].txt Spyware:Cookie/BurstNet Not disinfected D:\WINDOWS\Cookies\jeff burger@burstnet[3].txt Adware:Adware/Qdown Not disinfected D:\NULL new HiJackThis log taken after the online scan finishes Logfile of HijackThis v1.99.1 Scan saved at 21:44, on 06-09-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\WINDOWS\system32\cidaemon.exe C:\Documents and Settings\Jeff\My Documents\Unzipped\hijackthis\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [EPSON Stylus COLOR 580] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_AICN03.EXE /P22 "EPSON Stylus COLOR 580" /O6 "USB001" /M "Stylus COLOR 580" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe