Tech Support Forum banner
Cancel

Please Check my log

Jump to Latest Follow
Status
Not open for further replies.
1 - 4 of 4 Posts
E

· Registered
Joined
·
2 Posts
Discussion Starter · #1 · (Edited)
please check my log so i can remove ad.yieldmanager.com malware from my computer

Logfile of HijackThis v1.99.1
Scan saved at 5:55:08 PM, on 9/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\system32\?ystem32\regedit.exe
C:\Program Files\trus\astr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer Proxy Monitor\ieprxmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.iprimus.com.au
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_AU&c=Q105&bd=presario&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.iprimus.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by iPrimus
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tpg.com.au:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.1.254;<local>
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\PROGRA~1\Browster\Browster.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: ninemsn Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: ninemsn Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Line Speed Meter V3.0] C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe -minimized
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [Wrotx] C:\WINDOWS\system32\?ystem32\regedit.exe
O4 - HKCU\..\Run: [Tbsa] C:\Program Files\trus\astr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Internet Explorer Proxy Monitor.lnk = C:\Program Files\Internet Explorer Proxy Monitor\ieprxmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ninemsn Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\PROGRA~1\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-au\msntabres.dll/229?935f090e6a124bf886e86b19f7dd14a
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-au\msntabres.dll/230?935f090e6a124bf886e86b19f7dd14a
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.iprimus.com.au
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
 
MicroBell

· TSF Security Team, Emeritus
Joined
·
6,969 Posts
#2 ·
Please DISABLE spybot's teatimer and LEAVE IT OFF until the fix is complete!

Hi and Welcome to TSF

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running.

Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT)

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible.
Please make sure system restore is enabled by right clicking on My Computer and go to Properties->System Restore and check the box for Turn OFF System Restore and make sure it’s NOT checked. We want system restore ON and monitoring your current hard drive. Once your clean we will turn this off and then back on to remove the infection from the restore folder and create a clean restore point.

Download and install CleanUp! but do not run it yet.

*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

Download, install, and update Ewido Security Suite
  • Install ewido security suite
  • Launch ewido, there should be a big E icon on your desktop, double-click it.
  • The program will prompt you to update click the OK button
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido


Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one IF they are still listed (they shouldn't be but make sure)

C:\WINDOWS\system32\?ystem32\regedit.exe
C:\Program Files\trus\astr.exe

Check and fix the following in HijackThis if they still exist (make sure you do not miss an entry)

O4 - HKCU\..\Run: [Wrotx] C:\WINDOWS\system32\?ystem32\regedit.exe
O4 - HKCU\..\Run: [Tbsa] C:\Program Files\trus\astr.exe

C:\WINDOWS\system32\?ystem32<--delete that folder

C:\Program Files\trus <--delete that folder

Run Ewido:
  • Click [Scanner]
  • Click [Complete System Scan] to begin scanning.
  • Click [OK] when prompted to clean files
  • With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click [OK].
  • Once finished, click the [Save report] button
  • Save the report to your desktop
Close Ewido

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
    [X]Scan local drives for temporary files (Please uncheck this option)
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Once back to normal mode...

Please run an online scan at http://www.pandasoftware.com/activescan/com/activescan_principal.htm
Once it has finished save the activescan log. Then post that log in your next post along with the Ewido log and a new hijackthis log.
 
Save Share
E

· Registered
Joined
·
2 Posts
Discussion Starter · #3 ·
panda online scan results:
Detected Disinfected
Virus 0 0
Spyware 0 0
Hacking Tools 0 0
Dialers 0 0
Security Risks 0 0
Suspicious files 0 0

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:55:45 AM, 9/5/2005
+ Report-Checksum: C94DE85B

+ Scan result:

HKU\S-1-5-21-2854487018-1428224438-1202348424-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} -> Spyware.BargainBuddy : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.159:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.160:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.162:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.208:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Spinbox : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.438:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.453:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.465:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Valuead : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.495:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.496:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.537:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Clickhype : Cleaned with backup
:mozilla.565:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.566:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.567:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.584:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.609:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.610:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.611:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.612:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.613:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.661:C:\Documents and Settings\Dennis Manalo\Application Data\Mozilla\Firefox\Profiles\18ltecqj.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][2].txt -> Spyware.Cookie.Spinbox : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Dennis Manalo\Cookies\dennis [email protected][1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\RECYCLER\S-1-5-21-2854487018-1428224438-1202348424-1006\Dc20\regedit.exe -> Spyware.PurityScan : Cleaned with backup


::Report End

Logfile of HijackThis v1.99.1
Scan saved at 11:24:13 AM, on 9/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Internet Explorer Proxy Monitor\ieprxmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.iprimus.com.au
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_AU&c=Q105&bd=presario&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.iprimus.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by iPrimus
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tpg.com.au:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.1.254;<local>
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\PROGRA~1\Browster\Browster.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: ninemsn Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: ninemsn Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Line Speed Meter V3.0] C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe -minimized
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - Startup: Internet Explorer Proxy Monitor.lnk = C:\Program Files\Internet Explorer Proxy Monitor\ieprxmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ninemsn Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-au\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\PROGRA~1\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-au\msntabres.dll/229?935f090e6a124bf886e86b19f7dd14a
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-au\msntabres.dll/230?935f090e6a124bf886e86b19f7dd14a
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.iprimus.com.au
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
 
sUBs

· TSF Security Team, Emeritus
Joined
·
26,408 Posts
#4 ·
You seemed to have to have done the Panda scan incorrectly. Please re-do it using these instructions...

Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click [Scan your PC] & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
  2. Click [Scan Now]
  3. Enter your e-mail address & click [Scan Now] ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
  • If it finds any malware, it will offer you a report.
  • Click on see report. Then click Save report
Post the contents of the report in your next reply

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan
 
1 - 4 of 4 Posts
Status
Not open for further replies.
About this Discussion
3 Replies
3 Participants
Last post:
sUBs
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support
Top