Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page More problems than I can name!
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
Page 1 of 2 1 2
 
LinkBack Thread Tools
Old 10-25-2006, 06:53 PM   #1 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


More problems than I can name!
I have been having problems with my computer freezing during restart lately, and I have noticed that in the display properties I have missing tabs. Also, the safely remove hardware icon is missing from my taskbar. I ran adaware se and it detected 157 problems, which I quarantined. I also did an additional scan in adaware which found an additional 333 problems which I also quarantined. I was advised to download hijack this and provide you guys with a log....So here it is. Be prepared for a bunch of errors...

Logfile of HijackThis v1.99.1
Scan saved at 8:14:51 PM, on 10/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
c:\program files\common files\aol\1100968254\ee\services\antiSpywareApp\ver2_0_25_1\AOLSP Scheduler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\cidaemon.exe
c:\program files\common files\aol\1100968254\ee\aolsoftware.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\RACHEL~1\LOCALS~1\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uncw.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.joltid.com/index.php/peer...p2p_networking
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [GoBack Install] C:\Documents and Settings\All Users\Application Data\AOL Downloads\CCU_SUITE_1.1.10.4\setup.exe /minor2
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 10-26-2006, 11:48 AM   #2 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hello red1152 and welcome to TSF,

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

***************************************************

You are running Hijack This from a temporary directory. It needs to be in a permanent folder as the program creates backup files that we may need to use later. If the program is in a Temporary folder, files may be deleted by you or automatically if your system is set to empty temp files.

Please go into Windows Explorer, (My Computer)
click on C: then click on File > New > Folder and call it HJT , or another name of your choice.


***************************************************

Download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  3. On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  4. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  5. Once in the Settings screen click on " Recommended actions" and then select " Quarantine".
  6. Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware. Do Not run a scan just yet, we will shortly.

------------------

Download and install CleanUp! but do not run it yet. (Not Recommended for XP64).

-----------------------------------

Please disable the following program(s) as they may interfere with the fixes below. You may re-enable them when we are through cleaning your system:

Windows Defender:
  • Open Windows Defender.
  • Click on Tools, Options.
  • Scroll down and uncheck Turn on real-time protection (recommended).
  • After you uncheck this, click on the Save button and close Windows Defender.

-----------------------------------

Please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.
5) Login with your usual account. Make sure to close any open browsers.

-----------------------------------

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

Need2Find Bar

-----------------------------------

Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist:

O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXEO16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -


Click 'Fix Checked' and close HijackThis.

-----------------------------------

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading:
* select Show hidden files and folders.
* Uncheck Hide protected operating system files (recommended) option.
*Also, make sure there is no checkmark beside Hide file extensions for known file types.
* Click OK.

-----------------------------------

Delete the following Folder if it still exists.

C:\Program Files\ Need2Find


-----------------------------------

*WARNING* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! or move them to a permanent location.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
  • Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it's checked.
Click OK
Press the CleanUp! button to start the program. Do NOT reboot/logoff when prompted.

------------------------------------------------

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, **Please ensure it is set to Quarantine then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware.
**AVG Anti-Spyware is compatible with most AV and anti-spyware products, and the free version will continue to be useful as a second anti-malware scanner.

-----------------------------------

Reboot into Normal Mode.

-----------------------------------

Perform an online scan using Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner
  1. Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
  • Click on see report. Then click Save report

Please include the following in your next reply:

AVG Anti-Spyware results
Panda results
New HijackThis log
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-26-2006, 01:29 PM   #3 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


I recreated the folder just like you said for hjt, but when I tried to open it up, it says that it is temporary still...I tried uninstalling and reinstalling the program but that didn't work...Any ideas??
Last edited by red1152; 10-26-2006 at 01:57 PM.
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-26-2006, 04:53 PM   #4 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hi red1152,

When you go to unzip the HijackThis.zip, take a look at the path it's showing in the thin white box --that's the location it's going to unzip to. Change it using the browse button--you can put it on your desktop if that's easier for you.

If you still can't get it out of the temp folder, download HijackThis.exe from this location.
  • A dialog box will pop up.
  • Choose 'Save'
  • A 'Save in' box will pop up showing where it is currently set to be saved.
  • Look at the location it's showing and change it to 'Desktop' using the little blue arrow just to the right of the location box.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 10:08 AM   #5 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:35:19 AM 10/27/2006

+ Scan result:



C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107030.EXE/clientax.dll -> Adware.180Solutions : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP568\A0105483.exe -> Adware.Altnet : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP568\A0105486.exe -> Adware.Altnet : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP568\A0105490.exe -> Adware.Altnet : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP510\A0091888.exe -> Adware.Relevant : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP529\A0097576.dll -> Adware.Zango : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP530\A0097664.dll -> Adware.Zango : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP531\A0097697.dll -> Adware.Zango : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP555\A0102282.dll -> Adware.Zango : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP565\A0104104.dll -> Adware.Zango : Cleaned.
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP566\A0105088.dll -> Adware.Zango : Cleaned.
C:\WINDOWS\system32\drivers\df_kmd.sys -> Rootkit.Agent.af : Cleaned.
:mozilla.6:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00001359.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00001402.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00001406.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00001408.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.6:C:\Documents and Settings\Iris\Application Data\Mozilla\Firefox\Profiles\j9janor7.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.6:C:\RECYCLER\NPROTECT\00001357.MOZ -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.36:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.20:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.12:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.15:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.16:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.17:C:\Documents and Settings\Dale\Application Data\Mozilla\Firefox\Profiles\30r18oov.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.11:C:\RECYCLER\NPROTECT\00001327.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.12:C:\RECYCLER\NPROTECT\00001343.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.12:C:\RECYCLER\NPROTECT\00001345.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.12:C:\RECYCLER\NPROTECT\00001347.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.13:C:\RECYCLER\NPROTECT\00001343.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.13:C:\RECYCLER\NPROTECT\00001345.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.13:C:\RECYCLER\NPROTECT\00001347.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.14:C:\RECYCLER\NPROTECT\00001327.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.14:C:\RECYCLER\NPROTECT\00001343.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.14:C:\RECYCLER\NPROTECT\00001345.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.14:C:\RECYCLER\NPROTECT\00001347.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.15:C:\RECYCLER\NPROTECT\00001327.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.16:C:\RECYCLER\NPROTECT\00001327.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.17:C:\RECYCLER\NPROTECT\00001327.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.19:C:\RECYCLER\NPROTECT\00001349.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.19:C:\RECYCLER\NPROTECT\00001356.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\RECYCLER\NPROTECT\00001357.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\RECYCLER\NPROTECT\00001359.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\RECYCLER\NPROTECT\00001402.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\RECYCLER\NPROTECT\00001406.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.20:C:\RECYCLER\NPROTECT\00001408.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.22:C:\RECYCLER\NPROTECT\00001349.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.22:C:\RECYCLER\NPROTECT\00001356.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001349.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001356.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001357.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001359.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001402.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001406.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.23:C:\RECYCLER\NPROTECT\00001408.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001349.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001356.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001357.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001359.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001402.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001406.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.24:C:\RECYCLER\NPROTECT\00001408.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00001357.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00001359.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00001402.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00001406.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.25:C:\RECYCLER\NPROTECT\00001408.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.9:C:\RECYCLER\NPROTECT\00001343.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.9:C:\RECYCLER\NPROTECT\00001345.MOZ -> TrackingCookie.Tacoda : Cleaned.
:mozilla.9:C:\RECYCLER\NPROTECT\00001347.MOZ -> TrackingCookie.Tacoda : Cleaned.


::Report end


I didn't know if you wanted me to disinfect in Panda or not so I didn't do anything yet. Let me know
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 11:31 AM   #6 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hi,

Yes, please continue and perform the online scan at Panda. Be sure to save the report and post the results here. It will not disinfect everything--we will take care of that here.

**Please do not purchase Panda Anti Virus if you are prompted to.**

After you run the scan at Panda and save the results, run a new scan with HijackThis and post the log here as well.

So, I'll need:

Panda results
New HijackThis log
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 01:01 PM   #7 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Incident Status Location

Adware:adware/keenvalue Not disinfected c:\windows\browserxtras\pn\remove.exe
Potentially unwanted tool:application/myway Not disinfected c:\program files\MyWay
Adware:adware/cydoor Not disinfected c:\windows\cdmxtras
Potentially unwanted tool:application/need2find Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\uninstall\Need2FindBar Uninstall
Spyware:spyware/searchcentrix Not disinfected Windows Registry
Potentially unwanted tool:application/regclean32 Not disinfected hkey_current_user\software\RegistryOptimizer.com
Potentially unwanted tool:application/winfixer2005 Not disinfected hkey_current_user\software\WinSoftware
Potentially unwanted tool:application/altnet Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM
Adware:adware/savenow Not disinfected Windows Registry
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Rachel D\Application Data\Mozilla\Firefox\Profiles\hn96uiv4.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Rachel D\Cookies\rachel_d@atdmt[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Rachel D\Cookies\rachel_d@mediaplex[1].txt
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Possible Virus. Not disinfected C:\Program Files\AOL\Active Security Monitor\SetupDLL.dll
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\InterMute\SpySubtract\Backup\Clean Session - 1104715984.ssb[C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
Potentially unwanted tool:Application/Need2Find Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003312.MOZ[.fastclick.net/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003315.MOZ[.fastclick.net/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003321.MOZ[.fastclick.net/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003323.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003323.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003323.MOZ[.fastclick.net/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003331.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003331.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003331.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003333.MOZ[.realmedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003333.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003333.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003333.MOZ[.fastclick.net/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003335.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003335.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003335.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003335.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003335.MOZ[.fastclick.net/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003339.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003339.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003339.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003339.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003339.MOZ[.fastclick.net/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003341.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003341.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003341.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003341.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003341.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.trafficmp.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003342.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.trafficmp.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.bluestreak.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003345.MOZ[.fastclick.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.realmedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003350.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.trafficmp.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003351.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.trafficmp.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003354.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.trafficmp.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003355.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003359.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003361.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003366.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003369.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003371.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003380.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003382.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003385.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003390.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003393.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003396.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003397.MOZ[.fastclick.net/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.fastclick.net/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.trafficmp.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003402.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.trafficmp.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.mediaplex.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003405.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.trafficmp.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003407.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003411.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003412.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003416.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003422.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003423.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003426.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003444.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003450.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003454.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003468.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003476.MOZ[.bluestreak.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.realmedia.com/]
Last edited by red1152; 10-27-2006 at 01:05 PM.
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 01:20 PM   #8 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003478.MOZ[.bluestreak.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003484.MOZ[.bluestreak.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003488.MOZ[.bluestreak.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003491.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003493.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003496.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003497.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003503.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.realmedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003504.MOZ[.bluestreak.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003509.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003509.MOZ[.adrevolver.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003509.MOZ[.trafficmp.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003509.MOZ[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003509.MOZ[.realmedia.com/]
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 01:22 PM   #9 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003745.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003745.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.casalemedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.fastclick.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.adrevolver.com/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003758.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003759.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003762.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003768.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003777.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003782.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003786.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003789.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003791.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003794.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003796.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003797.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003799.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003804.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003805.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.trafficmp.com/]
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 01:23 PM   #10 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003813.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003822.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003832.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003886.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00003904.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004099.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004102.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004103.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004108.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004112.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004114.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004121.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004122.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004127.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004129.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004132.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004133.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004134.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004136.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004140.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004141.MOZ[.bluestreak.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.casalemedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.adrevolver.com/]
Spyware:Cookie/FastClick Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.realmedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.mediaplex.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\RECYCLER\NPROTECT\00004144.MOZ[.bluestreak.com/]

Logfile of HijackThis v1.99.1
Scan saved at 3:23:50 PM, on 10/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
c:\program files\common files\aol\1100968254\ee\services\antiSpywareApp\ver2_0_25_1\AOLSP Scheduler.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
c:\program files\common files\aol\1100968254\ee\aolsoftware.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uncw.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.joltid.com/index.php/peer...p2p_networking
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [GoBack Install] C:\Documents and Settings\All Users\Application Data\AOL Downloads\CCU_SUITE_1.1.10.4\setup.exe /minor2
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Glad that's over with!!
Last edited by red1152; 10-27-2006 at 01:25 PM.
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 08:57 PM   #11 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hi red1152,

I know that online scan took forever. We'll take care of emptying your Norton Proteced Recycle bin in a few moments so future scans won't take as long.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

***************************************************

Download combofix from one of these locations: **Save it to your desktop**

Do not run it yet.

***************************************************

Please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.
5) Login with your usual account. Make sure to close any open browsers.

-----------------------------------

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if it exists:

MyWay

-----------------------------------

Open HijackThis and click on 'Do a System Scan Only'. Check the following entry:

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE


Click 'Fix Checked' and close HijackThis.

-----------------------------------

Using My Computer, navigate to and delete the following Files and Folders if they still exist.

c:\windows\ browserxtras
c:\program files\ MyWay
c:\windows\ cdmxtras
C:\Program Files\Mozilla Firefox\plugins\ NPMyGlSh.dll
C:\Program Files\Mozilla Firefox\plugins\ NPNd2fn.dll

-----------------------------------

To empty your Norton Protected Recycle Bin, right click on your recycle bin as usual and choose “Empty Norton Protected Files

-----------------------------------

Clear Mozilla Firefox cookies:
Open the Mozilla Browser, (you do not need to be online to do this) Click Tools>Options>Privacy>Cookies>Clear

-----------------------------------

Reboot into Normal Mode.

-----------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

-----------------------------------

I have some registry fixes to do as well, but before I go pulling out those entries, I need to see an Uninstall List:

Create an Uninstall List:
Open HijackThis
*Click on the "Configure" button on the bottom right
*Click on the tab "Misc Tools"
*Click on the Box that says "Open Uninstall Manager"
*Click on the button "Save list"
The list will automatically be saved in your HijackThis folder.

Please copy and paste the uninstall_list.txt here.

Please include the following in your next reply:

uninstall_list.txt
ComboFix.txt
New HijackThis log
Update on your system behavior
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-27-2006, 10:38 PM   #12 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Active Security Monitor 1.0.0.315
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 7.0.8
Adobe Shockwave Player
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Software Update
AVG Anti-Spyware 7.5
BitTorrent 3.4.2
Bonjour
CC_ccProxyMSI
CC_ccStart
ccCommon
CCScore
CheckIt Diagnostics
CleanUp!
Compaq Connections
Compaq Instant Support
Compaq Organize
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
GdiplusUpgrade
Google Toolbar for Internet Explorer
HijackThis 1.99.1
HLPPDOCK
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
HP Image Zone 3.5
HP PSC & OfficeJet 3.5
HP Software Update
IntelliMover Data Transfer Demo
Internet Worm Protection
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
iPod for Windows 2006-01-10
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
KBD
kgcbase
Kodak EasyShare software
KSU
Laureate Learning Systems Demo
Learn2 Player (Uninstall Only)
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Memories Disc Creator 2.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Standard for Students and Teachers
Microsoft Plus! Digital Media Edition
Mozilla Firefox (1.5.0.7)
MSRedist
MSRedist
Norton AntiVirus 2005
Norton AntiVirus Parent MSI
Norton GoBack 4.0 (Symantec Corporation)
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Personal Firewall
Norton Personal Firewall (Symantec Corporation)
Norton SystemWorks
Norton SystemWorks 2005 (Symantec Corporation)
Norton Utilities
Norton WMI Update
Norton WMI Update
Notifier
NSW_DRM_COLLECTION
OfotoXMI
OTtBP
OTtBPSDK
overland
Panda ActiveScan
PC-Doctor for Windows
PS2
Pure Networks Port Magic
QuickTime
RealOne Player
RecordNow!
Rhapsody Player Engine
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SFR
SHASTA
Sierra On-Line Games (Remove only)
Sierra Utilities
SimCoaster
SKIN0001
SKINXSDK
Sonic Update Manager
SPBBC
staticcr
Symantec Script Blocking Installer
SymNet
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
VPRINTOL
Watchtower Library 2004 - English Edition
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WIRELESS

Rachel D - 06-10-28 0:30:05.51 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Rachel D\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-28 to 2006-10-28 ))))))))))))))))))))))))))))))))))


2006-10-26 22:21 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-22 01:00 15,520,048 --a--c--- C:\IE7-WindowsXP-x86-enu.exe
2006-10-22 00:09 3,029,264 --a------ C:\ASM_AOL_1.0.0.315.exe
2006-10-17 13:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-17 13:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-17 13:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-17 13:33 180,736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-17 13:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 13:01 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-17 12:58 61,952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 12:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 12:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 12:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-11 11:04 855,856 --a------ C:\WGAPluginInstall.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-28 00:23 -------- d-------- C:\Program Files\Common Files
2006-10-28 00:20 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-27 12:59 -------- d-------- C:\Program Files\Windows Defender
2006-10-27 12:57 -------- d-------- C:\Program Files\QuickTime
2006-10-27 12:52 -------- d-------- C:\Program Files\Norton Personal Firewall
2006-10-27 12:51 -------- d-------- C:\Program Files\Messenger
2006-10-27 12:47 -------- d-------- C:\Program Files\iTunes
2006-10-27 12:45 -------- d-------- C:\Program Files\Internet Explorer
2006-10-27 12:39 -------- d-------- C:\Program Files\Google
2006-10-27 12:38 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-27 12:38 -------- d-------- C:\Program Files\Common Files\Scanner
2006-10-27 12:34 -------- d-------- C:\Program Files\Bonjour
2006-10-27 01:59 -------- d-------- C:\Program Files\Common Files\aolshare
2006-10-26 22:39 -------- d-------- C:\Program Files\CleanUp!
2006-10-26 22:21 -------- d-------- C:\Program Files\Grisoft
2006-10-26 22:15 -------- d-------- C:\Program Files\Java
2006-10-26 16:21 91528 --a------ C:\Documents and Settings\Rachel D\Application Data\GDIPFONTCACHEV1.DAT
2006-10-25 19:17 -------- d-------- C:\Documents and Settings\Rachel D\Application Data\Lavasoft
2006-10-25 19:16 -------- d-------- C:\Program Files\Lavasoft
2006-10-25 17:39 -------- d-------- C:\Program Files\Norton SystemWorks
2006-10-22 20:51 -------- d-------- C:\Program Files\iPod
2006-10-22 20:44 -------- d-------- C:\Program Files\Apple Software Update
2006-10-22 20:43 36656704 --a--c--- C:\iTunesSetup.exe
2006-10-22 00:11 -------- d-------- C:\Documents and Settings\Rachel D\Application Data\Sereniti
2006-10-22 00:10 -------- d-------- C:\Program Files\AOL
2006-10-21 15:39 -------- d-------- C:\Documents and Settings\Rachel D\Application Data\Mozilla
2006-10-17 13:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-17 13:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-17 13:33 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 13:01 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-17 13:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-17 13:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-17 13:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-17 13:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-17 13:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-17 13:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-17 13:00 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 12:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-11 11:14 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-11 02:47 -------- d-------- C:\Program Files\Common Files\Smith Micro Shared
2006-10-11 02:47 -------- d-------- C:\Program Files\CheckIt
2006-10-11 00:57 -------- d-------- C:\Program Files\Symantec
2006-10-01 19:02 -------- d-------- C:\Program Files\Common Files\AOL
2006-09-25 23:42 -------- d-------- C:\Program Files\America Online 9.0b
2006-09-24 17:16 1090 --a------ C:\Documents and Settings\Rachel D\Application Data\AdobeDLM.log
2006-09-24 17:16 0 --a------ C:\Documents and Settings\Rachel D\Application Data\dm.ini
2006-09-15 22:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-09-15 22:52 124016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-09-13 01:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-06 17:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-08-30 16:35 -------- d---s---- C:\Documents and Settings\Rachel D\Application Data\Microsoft
2006-08-25 11:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 08:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 05:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 07:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-15 19:17 13130032 --a------ C:\IE7BETA3-WindowsXP-x86-enu.exe
2006-08-03 23:39 359112 --a------ C:\LimeWireWin.exe
2006-07-28 15:41 5119896 --a--c--- C:\Firefox Setup 1.5.0.5.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"RecordNow!"=""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"VTTimer"="VTTimer.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"Pure Networks Port Magic"="\"C:\\PROGRA~1\\PURENE~1\\PORTMA~1\\PortAOL.exe\" -Run"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1100968254\\ee\\AOLSoftware.exe"
"UpdateManager"="\"c:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"IPHSend"="C:\\Program Files\\Common Files\\AOL\\IPHSend\\IPHSend.exe"
"GoBack Install"="C:\\Documents and Settings\\All Users\\Application Data\\AOL Downloads\\CCU_SUITE_1.1.10.4\\setup.exe /minor2"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"ASM"="\"C:\\Program Files\\AOL\\Active Security Monitor\\ASMonitor.exe\" HIDEMAIN"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
@=""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d2,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoDrives"=dword:00000000
"NoViewOnDrive"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll"



~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20061028-001610-621
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
backup-20061026-225207-155
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
backup-20061026-225207-340
O3 - Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - (no file)
backup-20061026-225206-278
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
backup-20061026-225206-967
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Rachel D.job
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
C:\WINDOWS\tasks\schedule.job
C:\WINDOWS\tasks\Symantec Drmc.job
C:\WINDOWS\tasks\WebReg 20040930014043.job

Completion time: 06-10-28 0:32:09.20
C:\ComboFix.txt ... 06-10-28 00:32

Logfile of HijackThis v1.99.1
Scan saved at 12:38:34 AM, on 10/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
c:\program files\common files\aol\1100968254\ee\services\antiSpywareApp\ver2_0_25_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1100968254\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uncw.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.joltid.com/index.php/peer...p2p_networking
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100968254\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [GoBack Install] C:\Documents and Settings\All Users\Application Data\AOL Downloads\CCU_SUITE_1.1.10.4\setup.exe /minor2
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


The only change I have really noticed is that internet explorer seems to be running much faster than it was before. It used to run incredibly slow.
Last edited by red1152; 10-27-2006 at 10:41 PM.
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-28-2006, 05:52 PM   #13 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hi,

Download the attached red1152.zip file to your desktop.

Double click on the zip folder, then double click on the .reg file within. Click yes to allow it to merge into your registry.

Reboot your system.

Please describe your remaining issues in as much detail as possible for me.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Last edited by Ried; 12-30-2006 at 06:34 PM.
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-28-2006, 09:42 PM   #14 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


I didn't notice any changes...Here are some problems that I can think of off the top my head
  1. Computer frequently freezes when I try to restart or shut down
  2. Can't change my background because I have missing tabs under display properties
  3. Missing icons in my taskbar
  4. Can't view pictures in AOL
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-29-2006, 10:23 AM   #15 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


Also, when I am starting up my computer, I get a black screen that asks if I want Windows XP Home Edition or Windows XP Console...Another annoying thing is that an AOL folder pops up when XP starts...I never told it to do this so I dunno....
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-29-2006, 04:25 PM   #16 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


By the way, I can see pictures in AOL now I was able to fix that but the rest still I cannot fix
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-29-2006, 05:10 PM   #17 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


I'm still checking into all these issues..can you please clarify what you mean by the AOL folder pops up? Is there any sort of message that accompanies that?

Let's try invoking Windows File Protection.

Go to the Run box on the Start Menu and type in or copy/paste sfc /scannow (there is a space between sfc and /)

This command will immediately initiate the Windows File Protection service to scan all protected files and verify their integrity, replacing any files with which it finds a problem. If any problems are found, you will be prompted to insert the Windows XP install disc so have it handy.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-29-2006, 07:42 PM   #18 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


I ran the scan, the bar went all the way across then the screen went away. I restarted. There is no message when the AOL folder opens, it is just as if I told the computer to open the folder. Here is the location of the folder:

C:/Documents and Settings/All Users/Application Data/AOL

I don't know if that helps you or not...
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-29-2006, 10:24 PM   #19 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,860
OS: WinXP and Vista


Hiya,

This is looking more and more as if it's software/Windows issues rather than malware. I realize it's time consuming, but I'd like to try another online scanner and see if it detects anything:

Please perform an online scan with Internet Explorer at Kaspersky Online Scanner

Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply along with a new HijackThis log.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 10-31-2006, 04:59 PM   #20 (permalink)
Registered User
 
Join Date: Oct 2006
Location: North Carolina
Posts: 62
OS: XP SP2, Media Center 2005


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, October 31, 2006 6:57:15 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 31/10/2006
Kaspersky Anti-Virus database records: 236783
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\

Scan Statistics:
Total number of scanned objects: 110839
Number of viruses found: 8
Number of infected objects: 23 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:31:49

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\APP10289.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\APP10560.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\APP10575.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\APP74.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\PinKPolkADoT19\mydb.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\PinKPolkADoT19\style.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\PinKPolkADoT19\toolbar.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\idb\SNMaster.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\organize\CACHE\pinkpolkadot02 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\organize\pinkpolkadot 19.abi Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\organize\pinkpolkadot 19.aby Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\C_America Online 9.0b\organize\pinkpolkadot19 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aoltsmon.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0942759d0a1436b04b7d4a2f8da28017_10a40184-b53e-482d-9dfb-195992e10b51 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c39069adf1ca52b2581bc26d31efb69b_10a40184-b53e-482d-9dfb-195992e10b51 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c4d6a066ccc842ef169f653b3933a745_10a40184-b53e-482d-9dfb-195992e10b51 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ea563f5ed0b8ea72081a19b9b561dd25_10a40184-b53e-482d-9dfb-195992e10b51 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\WDLog-10112006-111434.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-10-31_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Rachel D\Application Data\AOL\C_America Online 9.0b\IDB\Apps.Lst Object is locked skipped
C:\Documents and Settings\Rachel D\Application Data\AOL\C_America Online 9.0b\IDB\art.idx Object is locked skipped
C:\Documents and Settings\Rachel D\Application Data\AOL\C_America Online 9.0b\IDB\sap.dat Object is locked skipped
C:\Documents and Settings\Rachel D\Application Data\AOL\C_America Online 9.0b\IDB\spool.lst Object is locked skipped
C:\Documents and Settings\Rachel D\Application Data\AOL\C_America Online 9.0b\IDB\sysnews.lst Object is locked skipped
C:\Documents and Settings\Rachel D\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Documents.dfd Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Documents.did Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Documents.dsd Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Keywords.kdb Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Keywords.kdl Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Keywords.kib Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Keywords.kpf Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\DTS\Index\MainChunk\Keywords.ksb Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Temp\12.tmp Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Rachel D\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Rachel D\ntuser.dat Object is locked skipped
C:\Documents and Settings\Rachel D\ntuser.dat.LOG Object is locked skipped
C:\gobackio.bin Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPStop.log Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\L0000005.FCS Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Compaq Connections\1940576\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Program Files\InterMute\SpySubtract\Backup\Clean Session - 1104715984.ssb/C:/Program Files/MyWay/myBar/1.bin/NPMYWAY.DLL Infected: not-a-virus:AdWare.Win32.MyWay.f skipped
C:\Program Files\InterMute\SpySubtract\Backup\Clean Session - 1104715984.ssb CAB: infected - 1 skipped
C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me Object is locked skipped
C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000007.FCS Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0FBC3478.exe/stream Infected: not-a-virus:AdWare.Win32.404Search.h skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0FBC3478.exe NSIS: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0FBC3478.exe CryptFF: infected - 1 skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14742C4E.htm Infected: Trojan-Downloader.HTML.Agent.aq skipped
C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\0001000E.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP529\A0097578.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107025.EXE/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107025.EXE/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107025.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107025.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107033.EXE/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107033.EXE/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107033.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107033.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107034.EXE/WISE0026.BIN/clientax.dll Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107034.EXE/WISE0026.BIN Infected: not-a-virus:AdWare.Win32.180Solutions.ao skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107034.EXE WiseSFX: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP575\A0107034.EXE WiseSFX Dropper: infected - 2 skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP627\A0120977.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP627\A0120978.dll Infected: not-a-virus:AdWare.Win32.MyWebSearch.o skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP627\A0120981.DLL Infected: not-a-virus:AdWare.Win32.MyWay.g skipped
C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP629\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{176076A6-5CBF-49E5-B830-D052C503A939}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
red1152 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 01:15 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85