Constant Pop-ups; Elitenrv; PokaPoka

Jitensha · Sep 3, 2005

Hello, I appreciate all that you do for people here. Here's my problem. I've gotten popups in the past, and most of the time, I am able to get rid of them. Lately, however, they seem to be taking over my computer. I stopped using IE ages ago, and have been exlusively using Mozilla, unless a particular site does not support it. Most of my popups are from IE, it seems, however. This evening, a box kept popping up with the title" Elitenrv32.exe, and requested that I put a disk into a drive that doesn't exist. I followed everything in the "please read before posting..." thread, and something called pokapoka seems to have showed up at some point as well. here is the result log from the hijack analyzer:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 11:52:57 PM, on 9/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\WINDOWS\etb\pokapoka65.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

http://www.sony.com/vaiopeople
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/");

(C:\Documents and Settings\Owner\Application

Data\Mozilla\Profiles\default\h74a3kml.slt\prefs.js)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} -

C:\WINDOWS\System32\awvvu.dll
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"

/Stationary
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail

Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop

Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitemav32.exe
O4 - HKLM\..\Run: [System service65] C:\WINDOWS\etb\pokapoka65.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) -

http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -

http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation

Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?111

5769909156
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -

http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) -

http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -

http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -

http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: awvvu - C:\WINDOWS\System32\awvvu.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe

(file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner -

%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -

C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation -

C:\Program Files\Common Files\Sony Shared\VAIO

Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) -

Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP)

- Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe"

/Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\So
ny Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file

missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP)

- Sony Corporation - C:\Program Files\Sony\vaio media integrated

server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner

- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe"

/Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Med
ia Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway

Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown

owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe"

/Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server
(file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown

owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe"

/Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\
VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony

Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe

End of KRC HijackThis Analyzer Log.
====================================================================

Thank you in advance for any help you can offer.

POADB · Sep 3, 2005

Your log is very difficult to read.

Kindly turn off the word wrap feature in your text editor.
With notepad, this can be done by going to Format -> untick "Word Wrap".

Jitensha · Sep 3, 2005

All Apologies:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 11:52:57 PM, on 9/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\WINDOWS\etb\pokapoka65.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\h74a3kml.slt\prefs.js)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\System32\awvvu.dll
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitemav32.exe
O4 - HKLM\..\Run: [System service65] C:\WINDOWS\etb\pokapoka65.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1115769909156
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: awvvu - C:\WINDOWS\System32\awvvu.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\So
ny Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Med
ia Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server
(file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\
VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe

End of KRC HijackThis Analyzer Log.
====================================================================

POADB · Sep 3, 2005

Unfortunatley Eliteum/PokaPoka isn't your only problem. You have Vundo Trojan - and we'll concentrate on removing that first, before we takcle the rest.

Please print these instructions out for use in Safe Mode.

Please download VundoFix.exe to your desktop.

Double-click VundoFix.exe to extract the files.
After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
Once in safe mode open the VundoFix folder and doubleclick on KillVundo.bat
Please type the following file path (make sure to enter it exactly as below!):
- C:\Filepath\file.dll
Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
The fix will run then HijackThis will open.
In HiJackThis, please place a check next to the following items and click FIX CHECKED:
- enter hjt items here
After you have fixed these items, close Hijackthis and Press any key to Force a reboot of your computer.
Pressing any key will cause a "Blue Screen of Death" this is normal, do not worry!
Once your machine reboots please continue with the instructions below.

Download and install CleanUp!

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users

Click OK
Press the CleanUp! button to start the program.

It may ask you to reboot at the end, click NO.

Then, please run this online virus scan: ActiveScan

Copy the results of the ActiveScan and paste them here along with a new HiJackThis log and the vundofix.txt file from the vundofix folder into this topic.

Jitensha · Sep 3, 2005

I seem to have a problem- when I boot up in safe mode, nothing shows up on my screen - it is simply black. I can't see any icons at all.

POADB · Sep 3, 2005

Are you sure you're doing it right?

REBOOT TO SAFE MODE

Restart the computer. The computer begins processing a set of instructions known as BIOS.
As soon as the BIOS has finished loading, begin tapping the F8 key on your keyboard.
Continue to do so until the 'Windows Advanced Options' menu appears.
Using the arrow keys on the keyboard, scroll to and select the menu item - Safe Mode.

Jitensha · Sep 3, 2005

Additionally, you seem to have given me no filepaths to type in, but rather a generic placeholder.

POADB · Sep 3, 2005

My fault.. editting error :grin:

Skip the references to HJT - i'll attack those after we remove Vundo.

Thanks..

Jitensha · Sep 3, 2005

:tongue:

typing this: C:\Filepath\file.dll does nothing. FYI.

:sayno:

POADB · Sep 3, 2005

So when you run KillVundo.bat - what happens?

Actually... are we in Safe Mode yet? you should be trying to work from Safe Mode :laugh:.

Jitensha · Sep 3, 2005

lol, I ran it in safe mode, and the filepath C:\Filepath\file.dll did nothing. It looks like a generic one, shouldn't I be putting in an actual filepath?

:laugh:

sUBs · Sep 3, 2005

This is the filepath you should be using - C:\WINDOWS\System32\awvvu.dll

Jitensha · Sep 3, 2005

Lots of problems. When I ran the KillVundo.bat, and inserted the filepath, it said that I had no programs that would open it. I pressed Ok a few times to no avail, and then canceled. Hijack this opened, and then my computer rebooted on its own.

I tried to download CleanUp! and it wouldn't let me - said I was not authorized.

:deveous:

Jitensha · Sep 4, 2005

OK, I found a valid link to cleanup! from another thread. Ran that, and tried to run ActiveScan 3 times, but each time something made my computer spontaneously restart.

That being said, here are my most recent hijackthis logs, as well as the vundofix.txt file:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 7:25:01 PM, on 9/3/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\WINDOWS\etb\pokapoka65.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\h74a3kml.slt\prefs.js)
O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\System32\awvvu.dll
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [lsass] C:\windows\system32\elitemav32.exe
O4 - HKLM\..\Run: [System service65] C:\WINDOWS\etb\pokapoka65.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1115769909156
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: awvvu - C:\WINDOWS\System32\awvvu.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\So
ny Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Med
ia Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server
(file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\
VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe

End of KRC HijackThis Analyzer Log.
====================================================================

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Suspending PID 212 'smss.exe'
Threads [216][220][224]

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Error, Cannot find a process with an image name of explorer.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Error, Cannot find a process with an image name of rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Killing PID 284 'winlogon.exe'
Killing PID 284 'winlogon.exe'
Error 0x5 : Access is denied.

Could not delete file.

MicroBell · Sep 4, 2005

Ok....lets try this again. Skip the tools you already have that I list below but run them when indicated in the fix.

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running.

Ad-Aware® SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Spybot Search & Destroy
CWShredder

Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT)

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible.

Please make sure system restore is enabled by right clicking on My Computer and go to Properties->System Restore and check the box for Turn OFF System Restore and make sure it’s NOT checked. We want system restore ON and monitoring your current hard drive. Once your clean we will turn this off and then back on to remove the infection from the restore folder and create a clean restore point.

Download, install, and update Ewido Security Suite

Install ewido security suite
Launch ewido, there should be a big E icon on your desktop, double-click it.
The program will prompt you to update click the OK button
The program will now go to the main screen

You will need to update ewido to the latest definition files.

On the left hand side of the main screen click update
Click on Start

The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido

Open add/remove programs and remove Viewpoint.

STEP 1
=============

Download LQfix.exe and place it on your desktop.

Doubleclick LQfix.exe and click install.
This will create a new folder called LQfix on your desktop.
Open the folder and doubleclick ClickThis.bat
Follow the prompts on the screen.
Your system will reboot afterwards.
Please be patient after reboot, because there is a script running in the background.

STEP 2
===============

Please print these instructions out for use in Safe Mode.

Please download VundoFix.exe to your desktop.

Double-click VundoFix.exe to extract the files.
After the files are extracted, please reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
Once in safe mode open the VundoFix folder and doubleclick on KillVundo.bat
Please type the following file path (make sure to enter it exactly as below!):
- C:\WINDOWS\System32\awvvu.dll
Press Enter, then press the F6 key, then press Enter one more time to continue with the fix.
The fix will run then HijackThis will open.
In HiJackThis, please place a check next to the following items and click FIX CHECKED:
- O2 - BHO: MSEvents Object - {827DC836-DD9F-4A68-A602-5812EB50A834} - C:\WINDOWS\System32\awvvu.dll
  O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
  O20 - Winlogon Notify: awvvu - C:\WINDOWS\System32\awvvu.dll
After you have fixed these items, close Hijackthis and Press any key to Force a reboot of your computer.
Pressing any key will cause a "Blue Screen of Death" this is normal, do not worry!
Once your machine reboots please continue with the instructions below.

Step 3
===========

Reboot back to safe mode.

Run Ewido:

Click [Scanner]
Click [Complete System Scan] to begin scanning.
Click [OK] when prompted to clean files
With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click [OK].
Once finished, click the [Save report] button
Save the report to your desktop

Close Ewido

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
[X]Scan local drives for temporary files (Please uncheck this option)
Cleanup! All Users

Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Once back to normal mode...

Then, please run this online virus scan: ActiveScan

Copy the results of the ActiveScan and paste them here along with a new HiJackThis log, the Ewido scan log, and the vundofix.txt file from the vundofix folder into this topic.

So I need...

Hijackthis log
Ewido log
Panda scan log
vundofix log

Jitensha · Sep 4, 2005

Alright, I've done everything up to LQfix. I know that you said to be patient with the reboot, but it's been about an hour now, and the only thing that has showed up on my screen is my desktop background. Sometimes my screensaver starts up, but nothing else has showed up. Is this supposed to happen, or should I restart and try running LQfix again? Or should I just be more patient? :sayno:

Thanks!

-Jit

POADB · Sep 4, 2005

Try running it again.

MicroBell · Sep 4, 2005

Do me a favor and disable your screensaver for now...and shut down anything thats running to make sure it's not being interfered with. If that fails..reboot into safe mode and run it.

Jitensha · Sep 5, 2005

Hijackthis log:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 5:11:01 PM, on 9/4/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\h74a3kml.slt\prefs.js)
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Remocon Driver.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1115769909156
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O23 - Service: AVG6 Service (AvgServ) - Unknown owner - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\So
ny Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Med
ia Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server
(file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\
VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe

End of KRC HijackThis Analyzer Log.
====================================================================

Ewido log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 4:14:32 PM, 9/4/2005
+ Report-Checksum: 6CB7FD30

+ Scan result:

C:\asdf.exe -> TrojanDownloader.Small.bhf : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.158:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.263:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.271:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.272:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.273:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.275:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.276:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.277:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.334:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.336:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.337:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.338:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.343:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.345:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.346:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.347:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.359:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.385:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.387:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.408:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.458:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.459:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.562:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.563:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.564:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.565:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.566:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.597:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.598:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.599:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.600:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.609:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.610:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.611:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.612:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.643:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.644:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.646:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.656:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.657:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.658:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.659:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.661:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.681:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.682:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.709:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.773:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.784:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.785:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.786:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.787:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.788:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.789:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.790:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.791:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.792:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.793:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.794:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.795:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.796:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.797:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.798:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.799:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.800:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.801:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.802:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.803:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.804:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.805:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.806:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.807:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.808:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.810:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.811:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.812:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.813:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.814:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.815:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.816:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.817:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.818:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.819:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.820:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.821:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.822:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.823:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.824:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.825:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.826:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.827:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.828:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.829:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.830:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.831:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.832:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.833:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.834:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.836:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.837:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.838:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.839:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.840:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.841:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.842:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.843:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.844:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.845:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.846:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.847:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.848:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.849:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.850:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.853:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.854:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.877:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.878:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.879:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.880:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.882:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.910:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.915:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.916:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.917:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.918:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.923:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.926:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.930:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.931:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.932:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.958:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\1mbdjeup.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\time.class-50c9903d-1473856f.class -> TrojanDownloader.Small.bhf : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temp\12E.tmp -> Spyware.Virtumonde : Cleaned with backup
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\OX6TI9AB\protector[1].exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\Program Files\Netscape\Netscape\Plugins\npwthost.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\876O7RR2\protector[1].exe -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\876O7RR2\silent_setup[1].exe -> Spyware.EliteBar : Cleaned with backup
C:\WINDOWS\system32\ddcyx.dll -> TrojanDownloader.ConHook.i : Cleaned with backup
C:\WINDOWS\Temp\ASHeuristic\ELITEMAV32.EXE.vir -> Spyware.Hijacker.Generic : Cleaned with backup

::Report End

Panda Scan Log:

Incident Status Location

Adware:adware/savenow No disinfected C:\PROGRAM FILES\Save
Adware:adware/elitebar No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\FAVORITES\Casino & Carrers
Adware:adware/cws No disinfected C:\DOCUMENTS AND SETTINGS\OWNER\FAVORITES\Living
Hacktool:Hacktool/HideItX No disinfected C:\Documents and Settings\Owner\My Documents\My Music\Adobe After Effects 6.5 crack.zip[Adobe After Effects 6.5 crack.msi][unk_0018][Win32k.exe]

vundofix log:

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Suspending PID 212 'smss.exe'
Threads [216][220][224]

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Error, Cannot find a process with an image name of explorer.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Error, Cannot find a process with an image name of rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 [email protected]
Killing PID 288 'winlogon.exe'
Killing PID 288 'winlogon.exe'
Error 0x5 : Access is denied.

File Deleted sucessfully.

MicroBell · Sep 5, 2005

Much better. Reboot into safe mode...

Open add/remove programs and remove Save/SaveNow or any WhenU entrys if listed.

Now delete the following folders...

C:\PROGRAM FILES\Save

C:\DOCUMENTS AND SETTINGS\OWNER\FAVORITES\Casino & Carrers

C:\DOCUMENTS AND SETTINGS\OWNER\FAVORITES\Living

Run Cleanup again...but when asked to reboot select NO!

Run Ewido and save the log. Reboot back to normal mode and run another Panda scan. Post both the Panda scan and Ewido log.

*note* You need to use a program to control your cookies. Something like Cookiewall or CookieCruncher. Also you have an AVG6 entry in your log. AVG6 is no longer supported or updated.

Constant Pop-ups; Elitenrv; PokaPoka

Top Contributors this Month