Tech Support banner

Status
Not open for further replies.
1 - 7 of 7 Posts

·
Registered
Joined
·
36 Posts
Discussion Starter #1
my background has been totally hijacked, theres a background that says "SYSTEM STOPPED- system has been stopped due to a serious malfunction. spyware activity has been detected. it is recomended that you use spyware removal tool to prevent data loss." the message has been there for a little over a month and i cant change any desktop setting to get rid of it.

anyone know how to get rid of the wallpaper?
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Download HiJackThis - this program will help us determine if there are any spyware/malware on your computer.
  1. Double-click on the file you just downloaded.
  2. Click on the "Unzip" button to install the newer version.
  3. It will by default install to the directory - C:\Program Files\HiJackThis\
  4. If it gives you an intro screen, just choose - Do a system scan and save a logfile.
  5. If you don't get the intro screen, just hit [Scan] and then click on Save log.
  6. Post the HiJackThis.log file here.
 

·
Registered
Joined
·
36 Posts
Discussion Starter #4
Log was analyzed using KRC HijackThis Analyzer - Updated on 9/28/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 11:07:58 AM, on 10/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
D:\Program Files\Microsoft Antispyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
D:\Program Files\Microsoft Antispyware\gcasDtServ.exe
C:\Program Files\Firefox CE\firefox.exe
C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R3 - URLSearchHook: HyperSearchHook - {83B684FD-19E5-4775-AF0F-0F2A6B183F71} - [SABInprocServer32] (file missing)
O2 - BHO: CLSID Support Dll - {32978850-02C0-4F0F-A5E6-C22FB04423FC} - C:\WINDOWS\system32\clsidcore.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [734f34h] nmewmi.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft Antispyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...4&04.00.09.13&unknown&unknown&http://thomasvi
lle.com/Products/product.asp?ItemID=777&Zoomview=On
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://homeivax.ivax.com/iNotes6.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave.com/content/feedingfrenzy/SproutLauncher.cab
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://ds1.downloadtech.net/cn1060/pcpowerscan.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5CBD1E9-D10F-49BB-839D-CBB913A9FB54}: NameServer = 205.152.144.23,205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F54F34-2BAB-49B5-BA5C-E7232A149FB3}: NameServer = 205.152.144.23,205.152.132.23
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Super Ad Blocker Service (SABSVC) - Unknown owner - D:\Program Files\SABSVC.EXE (file missing)


End of KRC HijackThis Analyzer Log.
====================================================================
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Hello and Welcome to TSF!

Please subscribe to this thread to get immediate notification of fixes as soon as they are posted.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Please download these additional files/programs. Do not run them unless instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.

smitRem.exe - extract it to it's own folder.

CleanUp!.exe - Install

Ewido Security Suite
  • Install Ewido Security Suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update.
  • Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.


'UNPLUG'/DISCONNECT YOUR COMPUTER FROM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


This webpage would not be available when you're carrying out the fix. Please save the following instructions in Notepad. I have customed my instructions on the assumption that you are using Notepad. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your questions before proceeding with the fixes. There should not be any opened browsers when you are carrying out the procedures below.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Next, reboot your computer in SafeMode :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


From Control Panel->Add/Remove Programs, uninstall the following programs, if present, :
  • ViewPoint

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


With HiJackThis & place a check next to these items and select "Fix checked":

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R3 - URLSearchHook: HyperSearchHook - {83B684FD-19E5-4775-AF0F-0F2A6B183F71} - [SABInprocServer32] (file missing)
O2 - BHO: CLSID Support Dll - {32978850-02C0-4F0F-A5E6-C22FB04423FC} - C:\WINDOWS\system32\clsidcore.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O4 - HKLM\..\Run: [734f34h] nmewmi.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MT...http://thomasvi
lle.com/Products/product.asp?ItemID=777&Zoomview=On
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab



* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


If you have not done so already, please enable the viewing of Hidden files
From Windows Explorer, go to Tools>Folder Options> View tab.
  • Tick - Show hidden files and folder
  • Untick - Hide file extensions for known types
  • Untick - Hide protected operating system files
Click Yes to confirm & then click OK

Locate and delete the following folders, if present:
  • C:\Program Files\Viewpoint\
Locate and delete the following files:
  • C:\WINDOWS\about.htm
    C:\WINDOWS\system32\clsidcore.dll
Search for & delete ... using Start> Search... the following files:
  • nmewmi.exe

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider to Standard CleanUp!
3. Uncheck the following:
  • Delete Newsgroup cache
    [*]Delete Newsgroup Subscriptions
    [*]Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.
* CleanUp! will not create any backups!!


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Run Ewido with it's updated definitions:(...it's important that all windows must be closed)
  • Click Scanner
  • Click Complete System Scan to begin scanning.
  • Click OK when prompted to clean files
With the first file it prompts to clean, select the option:
  • "Perform action on all infections"
  • .Choose clean and click OK.
Once finished, click the Save report button & save the report to your desktop

** Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Next go to Control Panel click Display>Desktop>Customize Desktop>Website>Uncheck "Security Info" if present.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


REBOOT TO NORMAL MODE


Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Click Scan Now
  3. Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
  • Click on see report. Then click Save report
Post the contents of the report in your next reply

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan



* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


In your next post, please include fresh copies of:
  • HiJackThis log
    [*] Online scan
    [*] Smitfiles.txt
    [*] Ewido's log
Let us know if any problems persist.
 

·
Registered
Joined
·
36 Posts
Discussion Starter #6
JHT

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 9/28/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 3:40:11 PM, on 10/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\security suite\ewidoctrl.exe
D:\Program Files\Microsoft Antispyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
D:\Program Files\Microsoft Antispyware\gcasDtServ.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Firefox CE\firefox.exe
C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [734f34h] nmewmi.exe
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft Antispyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol] d:\PROGRA~1\DOWNLO~1\DOWNLO~1\winpatrol.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://homeivax.ivax.com/iNotes6.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave.com/content/feedingfrenzy/SproutLauncher.cab
O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} - http://ds1.downloadtech.net/cn1060/pcpowerscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5CBD1E9-D10F-49BB-839D-CBB913A9FB54}: NameServer = 205.152.144.23,205.152.132.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F54F34-2BAB-49B5-BA5C-E7232A149FB3}: NameServer = 205.152.144.23,205.152.132.23
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: ewido security suite control - ewido networks - C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\security suite\ewidoctrl.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - Unknown owner - D:\Program Files\SABSVC.EXE (file missing)


End of KRC HijackThis Analyzer Log.
====================================================================

The current date is: Sun 10/16/2005
The current time is: 14:40:14.96

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Install.dat


~~~ Favorites ~~~



~~~ system32 folder ~~~

wp.bmp
logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~

desktop.html


~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :)

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 2:38:42 PM, 10/16/2005
+ Report-Checksum: 872425A5

+ Scan result:

HKLM\SOFTWARE\AKSoft -> Spyware.AkSoft : Cleaned with backup
HKLM\SOFTWARE\AKSoft\X-Tractor -> Spyware.AkSoft : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3f4d4f88-0198-4921-b630-957f3eb814e0} -> Spyware.Altnet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83B684FD-19E5-4775-AF0F-0F2A6B183F71}\{8853F881-81B6-4049-9AFF-483A20184268}\\ClassObject -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83B684FD-19E5-4775-AF0F-0F2A6B183F71}\{8853F881-81B6-4049-9AFF-483A20184268}\\ProductID -> Spyware.HyperBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{CE9B37EC-D243-47A2-83DB-3A8350175193}\ProxyStubClsid32\\ -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\PSguard.com -> Spyware.PSGuard : Cleaned with backup
HKLM\SOFTWARE\PSguard.com\PSGuard -> Spyware.PSGuard : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF5092F-7172-4018-827B-FA5868FB0478} -> Spyware.ZToolbar : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF5092F-7172-4018-827B-FA5868FB0478} -> Spyware.ZToolbar : Cleaned with backup
:mozilla.7:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.8:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.23:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.24:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.25:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.26:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.27:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.30:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.31:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.32:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.34:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.46:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.47:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.48:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.49:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.50:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.51:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.52:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.53:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.55:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.68:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.69:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.70:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.71:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.72:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.73:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.74:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.75:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.76:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.78:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.79:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.80:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.81:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.82:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.83:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.84:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.85:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.86:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.87:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.88:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.89:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.90:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.91:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.92:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.93:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.94:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.95:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.96:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.97:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.98:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.99:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.100:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.101:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.102:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.103:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Paypopup : Cleaned with backup
:mozilla.112:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
:mozilla.113:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.114:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.115:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.116:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.117:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.118:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.119:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.120:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.131:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.132:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.133:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.134:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.135:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.136:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.137:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.138:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.139:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.140:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.141:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.142:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.143:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.144:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.145:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.146:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.147:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.148:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.149:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.150:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.151:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.152:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.153:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.154:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.155:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.156:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.157:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.158:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.159:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.160:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.161:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.162:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.163:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.164:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.165:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.166:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.167:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.168:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.171:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.172:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.173:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.174:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.175:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.176:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.177:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.178:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.179:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.180:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.181:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.183:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.187:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.188:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.189:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.192:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.193:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.194:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.196:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.202:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.203:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.204:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.205:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.214:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.215:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.217:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.218:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.219:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.220:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.221:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.222:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.223:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.224:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.225:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.227:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.228:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.229:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.230:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.231:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.232:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.233:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.234:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.242:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.246:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.247:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.248:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.249:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.276:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.286:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.287:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.288:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.289:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.290:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.291:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.292:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.293:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.294:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.295:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.298:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.300:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.301:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.304:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.305:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.311:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.312:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.313:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.327:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.328:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.329:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.330:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.331:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.332:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.333:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.334:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.337:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adtrak : Cleaned with backup
:mozilla.338:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adtrak : Cleaned with backup
:mozilla.339:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup
:mozilla.340:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup
:mozilla.341:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup
:mozilla.342:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup
:mozilla.346:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.359:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.360:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.361:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.365:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.366:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.367:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.369:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.378:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.380:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.381:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.382:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.383:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.390:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.391:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.392:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.393:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.411:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.413:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.420:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.421:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.422:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.423:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Adviva : Cleaned with backup
:mozilla.424:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.429:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.440:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.442:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.443:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.469:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.470:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.471:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.472:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.473:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.474:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.475:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.480:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.496:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.497:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.498:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.499:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.514:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.517:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.536:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.550:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.592:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.593:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.597:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.598:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.605:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.606:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.619:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.622:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.645:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.646:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.647:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.648:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.659:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.707:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.733:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.742:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.743:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.744:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.745:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.746:C:\Documents and Settings\STEVE SHERIFF\Application Data\Mozilla\Firefox\Profiles\rczp7x7j.mike\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKCU -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKCU\RunOnce -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKLM -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\HKLM\RunOnce -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\StartMenuAllUsers -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Autorun\StartMenuCurrentUser -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\BrowserObjects -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Application Data\PSGuard.com\PSGuard\Quarantine\Packages -> Spyware.PSGuard : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\backups\backup-20051016-132540-598.dll -> Spyware.MediaBack : Cleaned with backup
C:\Documents and Settings\STEVE SHERIFF\Desktop\HJT\backups\backup-20051016-132541-291.dll -> Not-A-Virus.PornWare.PopCap.b : Cleaned with backup
C:\WINDOWS\system32\msqdev.exe -> Spyware.Hijacker.Generic : Cleaned with backup


::Report End





Incident Status Location

Adware:adware/powerscan No disinfected C:\WINDOWS\SYSTEM32\intrigue.dll
Adware:adware/ist.istbar No disinfected C:\PROGRAM FILES\COMMON FILES\Totem Shared
Adware:adware/spywareno No disinfected Windows Registry
Dialer:dialer.bqw No disinfected HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\CONC
Spyware:spyware/altnet No disinfected Windows Registry
Adware:Adware/Startpage.AAI No disinfected C:\WINDOWS\system32\oemsup.exe
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Have Hijackthis fix this entry:

O4 - HKLM\..\Run: [734f34h] nmewmi.exe


Then, locate & delete these files/folders:

C:\WINDOWS\SYSTEM32\intrigue.dll
C:\PROGRAM FILES\COMMON FILES\Totem Shared
C:\WINDOWS\system32\oemsup.exe



Reboot & post a new HJT log
Let me know if you still have issues with your computer.
 
1 - 7 of 7 Posts
Status
Not open for further replies.
Top