Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page IE7 Search Result Link Hijack
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
 
LinkBack Thread Tools
Old 01-21-2007, 07:13 PM   #1 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


IE7 Search Result Link Hijack
First of all, a brief introduction... My name is Nathan and I would like to take a moment to thank anyone in advance for their assistance. Anytime good people volunteer their time to help others in any capacity I like to stop and acknowledge their sacrifice. So, THANK YOU!

As the thread title indicates, my IE7 has been hijacked when attempting to follow google / yahoo etc search links I am taken to seemingly random search pages (like toseeka.com) irrelevant to the link originally provided.

I have followed the 5 Step instructions in the "Please, Read This Before Posting A Hijackthis Log." Sticky (from the looks of it most people do not follow these steps but I digress..) Anyway no viri (I used the online scanners but I've had McAfee VirusScan installed and updated daily for years)... Ad-Aware SE w/ add-in and Spybot Search & Destroy both are updated and ran weekly but all they ever find are tracking cookies. Nothing unusual in my Add / Remove Programs... I've used Windows CleanUp! All to no avail.

It should be noted that I use Firefox 99% of the time for my surfing and it does not suffer at all from whatever has IE bound up.

Note 1: Core.exe is from EA Games and is used to play Battlefield 2142 which was purchased online. This was installed AFTER the symptoms started.

Note 2: Nielsen NetRatings is also something I knowingly installed (they pay me to monitor my surfing)... Again, this was installed AFTER the symptoms started.

Below is my HijackThis scan log. I will subscribe to this thread and patiently await any assistance you can provide. Thanks again!

Logfile of HijackThis v1.99.1
Scan saved at 8:16:44 PM, on 1/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\NielsenNetratings\bin\insight.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\CleanUp!\cleanup.exe
C:\hjt\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8010
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = setup.msn.com;memberservices.msn.com
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Logitech Desktop Messenger] C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Nathan\NewVersion\setup-8876480.exe /NoIntervention
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Loadout Manager.lnk = C:\Program Files\Belkin\Nostromo\nost_LM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Nielsen NetRatings.lnk = C:\Program Files\NielsenNetratings\bin\insight.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.dotphoto.com/DPImageUploader.cab
O18 - Protocol: bw+0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
__________________
Regards,

Nathan
Last edited by SwingWing; 01-21-2007 at 07:16 PM.
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 01-21-2007, 07:23 PM   #2 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


One more thing I noticed which may be unrelated. If I click on the Tools menu for IE7 I ge the following error:

McAfee AutoUpdate:UpdaterUI.exe - Entry Point Not Found

The procedure entry point GetProcessImageFileNameW could not be located in the dynamic link library PSAPI.DLL

Checking McAfee VirusScan, it's up to date as of 1/19/2007... Not sure what this error is all about, or why it would ONLY show up when I click on the tools menu.
__________________
Regards,

Nathan
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-23-2007, 01:41 PM   #3 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


Bump
BUMP

A little shy of 48 hours but nobody has viewed this thread since the night I posted it. Thanks in advance!
__________________
Regards,

Nathan
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-24-2007, 09:57 PM   #4 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


72 hours??

nevermind, fixed on my own by following the instructions given to a user who had a similar problem.

Sure is lonely in my thread, is that an echo I hear???
__________________
Regards,

Nathan
Last edited by SwingWing; 01-24-2007 at 09:59 PM.
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 07:51 AM   #5 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,038
OS: WinXP and Vista


Hello Nathan and welcome to TSF,

Our apologies for the delay. As you can see, we are swamped here with HijackThis logs. We do our best to try to get to as many as we can as quickly as we can, but as you must have noted in the "5-Steps' thread we volunteer our time, have jobs and families and can only do so much.

I'm pleased you found a resolution to your issue. Did you use AVG A-S? By any chance have you done an online scan to search for remnants and other files that may be lurking?

If you'd care to, please post a fresh HijackThis log and I'd be happy to continue the cleansing process with you.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 05:52 PM   #6 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


Hello Ried, thank you for the response!

I followed the advice given to another use seen here:
http://www.techsupportforum.com/secu...e-results.html

I had some nasty stuff on my computer, including a key logger!

Anyway I followed all his instructions including using the FixWareout tool. Not sure if this is what I had but the other person seemed to have the exact same symptoms.

Interesting to note - the error I spoke of in post #2 above is also gone.

I did save my logs and here they are.

AVG Scan Report:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:41:47 PM 1/24/2007

+ Scan result:



HKU\S-1-5-21-1229272821-1336601894-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5BED3930-2E9E-76D8-BACC-80DF2188D455} -> Adware.CouponBar : Cleaned with backup (quarantined).
C:\WINDOWS\cpbrkpie.ocx -> Adware.Coupons : Cleaned with backup (quarantined).
HKU\S-1-5-21-1229272821-1336601894-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} -> Adware.Generic : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\Boatload_of_PhotoShop_Plug-Ins.part27.rar/Panopticum All in 1 One Pack\Panopticum Alpha Strip v1.1\Panopticum AlphaStrip V1.1 Full-Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\PhotoShop Plugin Collection v1.part38.rar/PhotoShop Plugin Collection v1\Panopticum\Panopticum Alpha Strip v1.1\Panopticum AlphaStrip V1.1 Full-Crack.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\Boatload_of_PhotoShop_Plug-Ins.part11.rar/CRAWJPEG2000PBv10\-= Keygen Photoshop v7.0 =-\KeyGenPhotoShop7.exe -> Logger.Delf.ncs : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\Boatload_of_PhotoShop_Plug-Ins.part24.rar/KeyGen\APv70\KeyGenPhotoShop7.exe -> Logger.Delf.ncs : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\PhotoShop Plugin Collection v1.part01.rar/PhotoShop Plugin Collection v1\AlienSkin\AlienSkinImageDoctor 1.0.1\LS_Alien_Skin_Image_Doctor_v1.0.1_Demo.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\PhotoShop Plugin Collection v1.part01.rar/PhotoShop Plugin Collection v1\AlienSkin\AlienSkinSplat! 1.0.5\LS_Alien_Skin_Splat_v1.0.5_Demo.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
H:\91705_desktopbackupforreload\nbpro\DOWNLOAD\alt.binaries.cd.image\PhotoShop Plugin Collection v1.part02.rar/PhotoShop Plugin Collection v1\AlienSkin\AlienSkinXenofex 2.0.0\LS_Alien_Skin_Xenofex_v2.0.0_Demo .exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Cleaned with backup (quarantined).
:mozilla.10:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.20:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.21:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.31:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.33:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.34:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.379:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.564:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.309:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.310:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.515:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.347:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.348:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.349:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.350:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.351:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.215:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.216:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.258:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.259:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.261:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.262:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.263:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.531:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.532:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.122:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.123:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.124:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.126:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.127:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.128:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.129:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.130:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.131:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.132:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.133:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.134:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.135:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.136:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.137:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.138:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.139:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.69:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.70:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.71:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.72:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.73:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.74:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.75:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.76:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.77:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.78:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.79:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.80:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.81:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.82:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.83:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.84:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.85:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.86:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.87:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.88:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.89:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.90:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.125:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.6:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.249:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.282:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.337:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.836:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.122:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.548:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.57:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.58:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.59:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.60:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.61:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.62:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.63:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.142:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.143:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.176:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.177:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.252:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.253:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.264:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.265:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.387:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Co : Cleaned.
:mozilla.182:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.183:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.296:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.117:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.46:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.574:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.575:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.576:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.89:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.93:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.94:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.94:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.95:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.95:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.96:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.97:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.119:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.120:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.52:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.53:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.54:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.55:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.56:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.328:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.119:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.121:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.157:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.158:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.321:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.440:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.45:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.46:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.47:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.107:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.501:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Information : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned.
:mozilla.302:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.303:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.326:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.327:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.328:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.459:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.460:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.461:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.785:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.786:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.787:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.788:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.789:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.790:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.791:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.792:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.325:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.113:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.91:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.794:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.795:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.796:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.797:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.150:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.451:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.254:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
:mozilla.291:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.292:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.293:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.294:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.362:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.363:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.364:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.365:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.366:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.141:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.240:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.805:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
:mozilla.106:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.474:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.585:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.696:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.697:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.698:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.699:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.752:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.144:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.145:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.146:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.299:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.300:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.703:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.280:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.281:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.282:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.283:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.284:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.285:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.286:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.287:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.288:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.289:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.509:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.266:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.267:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.268:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.269:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.270:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.23:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.24:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.25:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.26:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.49:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.50:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.51:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.12:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.304:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.306:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.718:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.7:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@server3.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.298:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.464:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.142:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.143:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.144:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.338:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.339:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.340:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.341:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.342:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.343:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.344:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.345:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.346:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
H:\WorkLaptop\NHARWOOD\Cookies\nharwood@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.133:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.134:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.135:H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.147:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.148:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.149:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.150:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.151:H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end




Activescan-


Incident Status Location

Spyware:spyware/premeter Not disinfected Windows Registry
Virus:W32/Netsky.Z.worm Disinfected E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar.gz[E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar][./mail/swing/inbox][Informations.zip][Informations.txt
Virus:W32/Netsky.Z.worm Disinfected E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar.gz[E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar][./mail/swing/inbox][Bill.zip][Bill.txt
Virus:W32/Netsky.Z.worm Disinfected E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar.gz[E:\Desktop\SimPlates2004\OtherStuff_WSS Related\backup-thewssclan.com-5-18-2004.tar][./mail/swing/inbox][Data.zip][Data.txt
Spyware:Cookie/Go Not disinfected H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt[.go.com/]
Spyware:Cookie/Atwola Not disinfected H:\91705_desktopbackupforreload\Nathan\Application Data\Mozilla\Firefox\Profiles\tq9p7rgy.default\cookies.txt[.atwola.com/]
Spyware:Cookie/Belnk Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@ath.belnk[1].txt
Spyware:Cookie/Atwola Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@atwola[1].txt
Spyware:Cookie/Banner Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@banner[1].txt
Spyware:Cookie/Belnk Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@belnk[2].txt
Spyware:Cookie/Belnk Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@dist.belnk[1].txt
Spyware:Cookie/OfferOptimizer Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@offeroptimizer[1].txt
Spyware:Cookie/Target Not disinfected H:\91705_desktopbackupforreload\Nathan\Cookies\nathan@target[2].txt
Spyware:Cookie/360i Not disinfected H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt[.ct.360i.com/]
Spyware:Cookie/Seeq Not disinfected H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt[.seeq.com/]
Spyware:Cookie/Seeq Not disinfected H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt[www48.seeq.com/]
Spyware:Cookie/Maxserving Not disinfected H:\WorkLaptop\NHARWOOD\Application Data\Mozilla\Firefox\Profiles\zx0zerym.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Atwola Not disinfected H:\WorkLaptop\NHARWOOD\Cookies\nharwood@atwola[2].txt
Spyware:Cookie/Belnk Not disinfected H:\WorkLaptop\NHARWOOD\Cookies\nharwood@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected H:\WorkLaptop\NHARWOOD\Cookies\nharwood@dist.belnk[1].txt
Spyware:Cookie/Screensavers Not disinfected H:\WorkLaptop\NHARWOOD\Cookies\nharwood@i.screensavers[1].txt
Spyware:Cookie/Target Not disinfected H:\WorkLaptop\NHARWOOD\Cookies\nharwood@target[2].txt



And finally my latest HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 6:46:27 PM, on 1/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\NielsenNetratings\bin\insight.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\hjt\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8010
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;setup.msn.com;memberservices.msn.com
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Logitech Desktop Messenger] C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Nathan\NewVersion\setup-8876480.exe /NoIntervention
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Loadout Manager.lnk = C:\Program Files\Belkin\Nostromo\nost_LM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Nielsen NetRatings.lnk = C:\Program Files\NielsenNetratings\bin\insight.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.dotphoto.com/DPImageUploader.cab
O18 - Protocol: bw+0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8B36A163-438E-459F-8577-90F500FB30A7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe



I look forward to your response!
__________________
Regards,

Nathan
Last edited by SwingWing; 01-25-2007 at 05:55 PM.
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 06:18 PM   #7 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,038
OS: WinXP and Vista


Well done, Nathan.

I won't know if you had the Wareout infection until I see that report.

You may want to print out or copy these instructions to Notepad and save them to your desktop for reference as you will not have any browsers open while carrying out the following:

*****************************************************

Close any open browsers.

*****************************************************

Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries:

O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - (no file)

Fix all of those Logitech O18 entries except the very first one and the very last one. Leave those 2 entries intact.


Click 'Fix Checked' and close HijackThis.

--------------------------------------------------------------------

Clear Mozilla Firefox cookies:
Open the Mozilla Browser, (you do not need to be online to do this) Click Tools>Options>Privacy>Cookies>Clear

-----------------------------------

Clear your Internet Explorer7 cookies.

* Click on the Start button, then >Control Panel>Internet Options>General tab
* Under Browsing History, click on Delete.
* In the Delete Browsing History box that opens, click on Delete cookies

-----------------------------------

The above will clear all cookies. If you'd rather not clear all, then you can delete the cookies individually by following the paths of those reported in the Panda scan or by scanning with AVG A-S.

-----------------------------------

Please post the log that was produced by the FixWareout tool. It can be found at C:\fixwareout\report.txt
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 06:41 PM   #8 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


Done.



Fixwareout
Last edited 1/14/2006
Post this report in the forums please
...
Prerun check
»»»»» HKLM run and Winlogon System values
C:\WINDOWS\system32\kdnuo.exe will be moved to C:\WINDOWS\temp\kdnuo.ren at reboot.
»»»»» System restarted
...
Reg Entries that were deleted
...
Random Runs removed from HKLM
...

PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

»»»»» Searching by size/names...

»»»»»
Search five digit cs, dm kd and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal

Other suspects.

»»»»» Misc files.

»»»»» Checking for older varients covered by the Rem3 tool.

»»»»» Postrun check
»»»»» HKLM run
»»»»» Winlogon System value
"system"=""
»»»»»
__________________
Regards,

Nathan
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 06:45 PM   #9 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,038
OS: WinXP and Vista


Thanks--and yes, you chose the correct tool.

I see no leftover files in that log, so if there aren't any more problems with your system, you should be all set.

Just some final housekeeping to tend to as well as suggestions for prevention.

Your logs are clean. If there aren't any more problems, please continue with these final instructions and helpful links.

Create a new System Restore point
Click Start >> Run - type SYSDM.CPL & press Enter
* Select the System Restore Tab
* Tick on the checkbox - "Turn off System Restore on all drives"
Click Apply
* Then untick the same checkbox & click OK
This will prevent any reinfection from previous restore points.

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:


Download SpywareBlaster 3.5.1 to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items.

Download Spyware Guard to catch and block spyware before it can execute.

Download IE-SPYAD.EXE to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD)
  • Now navigate to C:\ie-spyad. Double click to open it.
  • From within the folder, double-click install.bat
  • Select Option #2 - Install the new IE-SPYAD list, by typing 2
  • Then return to the main menu.
  • Select option #4 - Add the old porn sites domain, by typing 4

Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released.

In light of your recent issue, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles:

PC Safety and Security--What Do I Need?

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER
Understanding and Using Firewalls


**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Follow this list and your potential for being infected again will reduce dramatically.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 07:07 PM   #10 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


Thank you very much for all your help. I have already downloaded and installed / performed your preventative suggestions.

One question, when I installed Spyware Guard it would only update to a file definition of 1/22/04. Program version 2.2.. Is it supposed to be that old?
__________________
Regards,

Nathan
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 07:22 PM   #11 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 27,038
OS: WinXP and Vista


You're welcome, Nathan.

Yes, that is the last update to SpywareGuard
Quote:
The reason for less frequent updates with SpywareGuard is that much of its detection abilities are heuristics in nature. (Basically this means it doesn't need a specific signature for every spyware it catches, simply an overall pattern or approach-used, which it can identify and then trigger off of.) So, SpywareGuard works for many of the newer versions of the same spyware installers even without adding "signatures" for them.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 01-25-2007, 07:32 PM   #12 (permalink)
Registered User
 
Join Date: Jan 2007
Location: Nashville, TN
Posts: 12
OS: Vista Enterprise, XP Home


Resolved! Thanks a bunch!
__________________
Regards,

Nathan
SwingWing is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 09:23 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85